appLogin handles authentication

bubble-server/src/main/java/bubble/resources/account/AuthResource.java

@@ -425,12 +425,21 @@ public class AuthResource {
             if (!existing.getUuid().equals(sessionAccount.getUuid())) {
                 sessionDAO.invalidate(existing.getApiToken());
             } else {
+                markAuthenticated(existing);
                 return ok(existing);
             }
         }
+        markAuthenticated(sessionAccount);
         return ok(sessionAccount.setApiToken(sessionDAO.create(sessionAccount)));
     }
 
+    private void markAuthenticated(Account sessionAccount) {
+        final AccountPolicy policy = policyDAO.findSingleByAccount(sessionAccount.getUuid());
+        if (policy.hasVerifiedAuthenticator()) {
+            authenticatorService.markAsAuthenticated(sessionAccount.getToken(), policy);
+        }
+    }
+
     @POST @Path(EP_VERIFY_KEY)
     public Response verifyNodeKey(@Context Request req,
                                   @Context ContainerRequest ctx,

utils/cobbzilla-wizard

@@ -1 +1 @@
-Subproject commit 0776a05671b91e6875b6bb00150de0ffd2de08b0
+Subproject commit 5510f2d6563ed6109ce153e49acd03ead6a6f4cd