Revert "Delete redundant token2author DB save"

Something's weird here; this change shouldn't have any effect. I'll
have to squint at the code some more.

This reverts commit 2bf076043f.

Fixes #4262

src/node/db/AuthorManager.js

@@ -77,6 +77,17 @@ exports.createAuthorIfNotExistsFor = async function(authorMapper, name)
   return author;
 };
 
+/**
+ * Sets the token <> AuthorID relationship.
+ * Discussion at https://github.com/ether/etherpad-lite/issues/4006
+ * @param {String} token The token (generated by a client)
+ * @param {String} authorID The authorID (returned by the Security Manager)
+ */
+exports.setToken2Author = async function(token, authorID)
+{
+  await db.set("token2author:"+token, authorID);
+}
+
 /**
  * Returns the AuthorID for a mapper. We can map using a mapperkey,
  * so far this is token2author and mapper2author

src/node/db/SecurityManager.js

@@ -30,12 +30,10 @@ var authLogger = log4js.getLogger("auth");
  * This function controlls the access to a pad, it checks if the user can access a pad.
  * @param padID the pad the user wants to access
  * @param sessionCookie the session the user has (set via api)
- * @param token A random token representing the author, of the form t.randomstring_of_length_20.
- *              The random string is generated by the client.
+ * @param token a random token representing the author, of the form
+ *              t.randomstring_of_lenght_20. The random string is generated by
+ *              the client.
  *              Used for every pad in the web UI. Not used for the HTTP API.
- *              If there is not already an author associated with this token, and access is not
- *              denied, an author object will be created (including generating an author ID) and
- *              saved in the DB.
  * @param password the password the user has given to access this pad, can be null
  * @return {accessStatus: grant|deny|wrongPassword|needPassword, authorID: a.xxxxxx})
  */