diff --git a/AuthRemoteuser.body.php b/AuthRemoteuser.body.php
index 2941ad6bee90a43ffe688026273a9403204f8fda..75d61c63dd916cfa610a0081c1bfeb15b2036b52 100644
--- a/AuthRemoteuser.body.php
+++ b/AuthRemoteuser.body.php
@@ -59,7 +59,8 @@ class AuthRemoteuser extends MediaWiki\Session\ImmutableSessionProviderWithCooki
     {
         // Have a session ID?
         $id = $this->getSessionIdFromCookie($request);
-        if (null === $id) {
+        // #6 assign a new sessionid if the id is null or if the session is no longer valid
+        if ((null === $id)||(!MediaWiki\Session\SessionManager::singleton()->getSessionById($id))) {
             $username = $this->getRemoteUsername();
             $sessionInfo = $this->newSessionForRequest($username, $request);