SECURITY: Fix User::setToken() call on User::newSystemUser

This was supposed to reset the user token but did set it to '1'
because User::setToken accepts bool/string but only treats true
as bool.

Bug: T125161
Change-Id: Ia4196eba92cd4d170a3023db0f540a2972ffad4f

includes/session/SessionManager.php

@@ -539,7 +539,7 @@ final class SessionManager implements SessionManagerInterface {
 		// Reset the user's token to kill existing sessions
 		$user = User::newFromName( $username );
 		if ( $user && $user->getToken( false ) ) {
-			$user->setToken( true );
+			$user->setToken();
 			$user->saveSettings();
 		}