do not require password in session. replaces #135

We do not really care for the password in the session and usually don't
even have it when authenticating via oAuth.

This fixes a warning on PHP 8+

Author: splitbrain

Session.php

@@ -96,7 +96,7 @@ public function setUser($userdata, $resettime = true)
         $_SERVER['REMOTE_USER'] = $userdata['user'];
 
         $_SESSION[DOKU_COOKIE]['auth']['user'] = $userdata['user'];
-        $_SESSION[DOKU_COOKIE]['auth']['pass'] = $userdata['pass'];
+        $_SESSION[DOKU_COOKIE]['auth']['pass'] = 'not-set'; // pass is neither needed nor wanted
         $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
         $_SESSION[DOKU_COOKIE]['auth']['buid'] = auth_browseruid();
         if ($resettime) {