ae160f3ff2
Now the users will be reloaded at most once during each USERS_REFRESH_TIME period. Earlier they could be reloaded at at most USERS_REFRESH_MAX_PER_TIME times, which in practice meant that with repeated unauthorized login attempts they were reloaded N times in rapid succession, without the situation being likely to change in between.