Related to my previous question: .htaccess check for cookie first, then valid-user

Hi guys, I really would appreciate some help from the experts here. My httpd.conf should require a user login using mod_auth_mysql OR a cookie - but now it's only checking for a user login. The code from the previous question is now located in my httpd.conf.

What's Working:

Currently, all /var/www/downloads and subdirectories for users (/var/www/downloads/~username~) require a username and password using mod_auth_mysql. This works.

What's not working:

The problem is: I have settings which SHOULD require either a login using mod_auth_mysql (works), or a cookie (doesn't work). If the cookie is present, then it should automatically display the contents of the directory when a user goes to /var/www/downloads/. But it doesn't, it asks for a username/password still.

I'm using SetEnvIf, but it might be being used incorrectly with "satisfy all". I might have conflicts between httpd.conf and /sites-enabled/000-default. I'm not experienced with most of the stuff here, so any help would be massively appreciated!

HTTPD.conf:

RewriteEngine on
RewriteLogLevel 9
RewriteLog /var/www/logs/rewrite.log

#Block IPs
<Directory /var/www>
    RewriteEngine On

    #only use my server for apache
    RewriteCond %{HTTP_HOST} !^2.2.2.2$ [NC]
    RewriteRule ^(.*)$ http://www.google.co.uk/$1 [L,R=301]

    RewriteCond %{REMOTE_ADDR} 0.0.0.0 [NC,OR]
    RewriteCond %{REMOTE_ADDR} 1.1.1.1 [NC]
    RewriteRule ^(.*)$ http://www.google.com [R]
</Directory>

# DOWNLOADS TOP DIRECTORY
<Directory /var/www/downloads>
    #Options Indexes
    #AllowOverride All
    #Order deny,allow
    #Deny from all
    #Allow from All

    AuthName "Please don't hack the server, thanks"
    AuthBasicAuthoritative Off
    AuthUserFile /dev/null
    AuthMySQL On
    AuthType Basic
    Auth_MYSQL on
    Auth_MySQL_Host localhost
    Auth_MySQL_User user
    Auth_MySQL_Password password
    AuthMySQL_DB db
    AuthMySQL_Password_Table users
    Auth_MySQL_Username_Field username
    Auth_MySQL_Password_Field password
    Auth_MySQL_Empty_Passwords Off
    Auth_MySQL_Encryption_Types Plaintext
    Auth_MySQL_Authoritative On
    require user luke

</Directory>

# EXAMPLE USERS DIRECTORY
# MIKE
<Directory /var/www/downloads/mike>
    SetEnvIf Cookie (.*)cookiename(.*) norequire_auth=yes
    Order Deny,Allow
    deny from all
    Satisfy Any

    #MYSQL AUTH
    AuthName "Please login"
    AuthBasicAuthoritative Off
    AuthUserFile /dev/null
    AuthMySQL On
    AuthType Basic
    Auth_MYSQL on
    Auth_MySQL_Host localhost
    Auth_MySQL_User user
    Auth_MySQL_Password password
    AuthMySQL_DB db
    AuthMySQL_Password_Table users
    Auth_MySQL_Username_Field username
    Auth_MySQL_Password_Field password
    Auth_MySQL_Empty_Passwords Off
    Auth_MySQL_Encryption_Types Plaintext
    Auth_MySQL_Authoritative On
    require user mike

    #COOKIE AUTH
    Allow from env=norequire_auth
</Directory>

​In case it may help, sites-enabled/000-default: may be causing conflicts? http://jsfiddle.net/Xcece/

I'm not using .htaccess files. I have changed a load of directives around and have gotten quite lost.

I can't for the life of me figure out why it's not working - I don't quite understand the conflicts that may exist, so a point in the right direction with explanation so I can avoid this in the future would be great. Thank you.