api: don't hit calc_users if this is the API

sometimes we render HTML where we probably... shouldn't. in most cases
this is fine, but if API clients hit it it can errenously set

files/routes/wrappers.py

@@ -18,6 +18,7 @@ def session_init():
 		session["session_id"] = secrets.token_hex(49)
 
 def calc_users(v):
+	if g.is_api_or_xhr: return
 	loggedin = cache.get(f'{SITE}_loggedin') or {}
 	loggedout = cache.get(f'{SITE}_loggedout') or {}
 	timestamp = int(time.time())