FIX: Do not update `last_seen` for API access

This regressed in 2dc3a50. I have now added tests for the behavior.

lib/auth/default_current_user_provider.rb

@@ -240,6 +240,8 @@ class Auth::DefaultCurrentUserProvider
   def should_update_last_seen?
     if @request.xhr?
       @env["HTTP_DISCOURSE_VISIBLE".freeze] == "true".freeze
+    elsif !!(@env[API_KEY_ENV]) || !!(@env[USER_API_KEY_ENV])
+      false
     else
       true
     end

spec/components/auth/default_current_user_provider_spec.rb

@@ -32,7 +32,11 @@ describe Auth::DefaultCurrentUserProvider do
     it "finds a user for a correct per-user api key" do
       user = Fabricate(:user)
       ApiKey.create!(key: "hello", user_id: user.id, created_by_id: -1)
-      expect(provider("/?api_key=hello").current_user.id).to eq(user.id)
+      good_provider = provider("/?api_key=hello")
+      expect(good_provider.current_user.id).to eq(user.id)
+      expect(good_provider.is_api?).to eq(true)
+      expect(good_provider.is_user_api?).to eq(false)
+      expect(good_provider.should_update_last_seen?).to eq(false)
 
       user.update_columns(active: false)
 
@@ -399,6 +403,7 @@ describe Auth::DefaultCurrentUserProvider do
       expect(good_provider.current_user.id).to eq(user.id)
       expect(good_provider.is_api?).to eq(false)
       expect(good_provider.is_user_api?).to eq(true)
+      expect(good_provider.should_update_last_seen?).to eq(false)
 
       expect {
         provider("/", params.merge("REQUEST_METHOD" => "POST")).current_user