AuthToken created after login should be marked as 'non-anonymous'
After authentication, an AuthToken is set. Such a token is also set after anonymous authentication.
An AuthToken contains a boolean value that indicates if the corresponding session used anonymous authentication. If this information was not provided when the token was constructed, a database lookup is needed. This adds undesirable overhead.
Such a lookup is prevented, by providing the anonymous flag when the AuthToken is constructed. This provides a small boost in performance, which can be notable when many users log in at the same time.