Merge remote-tracking branch 'origin/stable' into next

# Conflicts:
#	package-lock.json
#	package.json
#	src/public/app/entities/note_short.js
#	src/public/app/services/protected_session.js
#	src/routes/api/login.js

src/routes/api/login.js

@@ -8,11 +8,12 @@ const passwordEncryptionService = require('../../services/password_encryption');
 const protectedSessionService = require('../../services/protected_session');
 const appInfo = require('../../services/app_info');
 const eventService = require('../../services/events');
-const cls = require('../../services/cls');
 const sqlInit = require('../../services/sql_init');
 const sql = require('../../services/sql');
 const optionService = require('../../services/options');
 const ApiToken = require('../../services/becca/entities/api_token.js');
+const ApiToken = require('../../entities/api_token');
+const ws = require("../../services/ws.js");
 
 function loginSync(req) {
     if (!sqlInit.schemaExists()) {
@@ -65,16 +66,14 @@ function loginToProtectedSession(req) {
 
     const decryptedDataKey = passwordEncryptionService.getDataKey(password);
 
-    const protectedSessionId = protectedSessionService.setDataKey(decryptedDataKey);
-
-    // this is set here so that event handlers have access to the protected session
-    cls.set('protectedSessionId', protectedSessionId);
+    protectedSessionService.setDataKey(decryptedDataKey);
 
     eventService.emit(eventService.ENTER_PROTECTED_SESSION);
 
+    ws.sendMessageToAllClients({ type: 'protectedSessionLogin' });
+
     return {
-        success: true,
-        protectedSessionId: protectedSessionId
+        success: true
     };
 }
 
@@ -82,6 +81,8 @@ function logoutFromProtectedSession() {
     protectedSessionService.resetDataKey();
 
     eventService.emit(eventService.LEAVE_PROTECTED_SESSION);
+
+    ws.sendMessageToAllClients({ type: 'protectedSessionLogout' });
 }
 
 function token(req) {