Merge pull request #3832 from nextcloud/fix_1303

Do not clear CSRF token on logout (fix for #1303)

lib/private/Session/CryptoSessionData.php

@@ -129,7 +129,11 @@ class CryptoSessionData implements \ArrayAccess, ISession {
 	 * Reset and recreate the session
 	 */
 	public function clear() {
+		$requesttoken = $this->get('requesttoken');
 		$this->sessionValues = [];
+		if ($requesttoken !== null) {
+			$this->set('requesttoken', $requesttoken);
+		}
 		$this->isModified = true;
 		$this->session->clear();
 	}