In D11692, I moved some logic from being processed on keyserverAuthActionTypes to setNewSessionActionType. I failed to consider that the former action is only used with usingCommServicesAccessToken, but the latter is used regardless of usingCommServicesAccessToken.
This prevents SET_NEW_SESSION for updating the session for legacy keyserver-based login. The session still gets updated later by the auth action (either legacy login or legacy registration), but it would be better to leave the logic as it was before, to avoid potentially breaking anything.