Tracking API: Allow setTokenAuth() to be an admin token, not only the Super User
|Reported by:||matt||Owned by:|
Super User token is very secret. The Tracking API should allow for more flexibility and allow any "admin" token for the site being tracked.
For performance, we don't want to query the DB on each Tracking API request. So we can cache in the Tracker cache files the list of all allowed admin token_auth and check against this list.