Let REQUIRE_LOGIN mode passthrough valid auth tokens
requested to merge igo95862/lava:fix-require-login-blocking-tokens-apertispro-staging into apertispro/staging
Otherwise REST API and XMLRPC are practically unusable.
This is a passthrough mode meaning the token should be validated and assinged user down the processing stack
This means that using the valid token someone can access other pages as an anonymous user even when REQUIRE_LOGIN is enabled.