From d9b8360ccd0146f423b68261202ba07ecf2f4961 Mon Sep 17 00:00:00 2001
From: Alan Jones <ajones@datawisesystems.com>
Date: Fri, 30 Dec 2016 10:05:44 -0800
Subject: [PATCH] Don't return true from IsAuthenticated() on the first API
 access with an expired session

---
 sessionauth.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sessionauth.go b/sessionauth.go
index 268e837..47fe492 100644
--- a/sessionauth.go
+++ b/sessionauth.go
@@ -62,7 +62,7 @@ func SessionUser(newUser func() User) martini.Handler {
 			err := user.GetById(userId)
 			if err != nil {
 				l.Printf("Login Error: %v\n", err)
-			} else {
+			} else if !s.IsNew() {
 				user.Login()
 			}
 		}