It really sucks that you need to have a global distributed lock just to use the API. Logging in should not invalidate the previous API session.
