Translations:Manual:SessionManager and AuthManager/66/en

Since the token is supposed to be secret, we can assume that a correct token means this is the known user.