...ctivate JWT in some cases - revert session save (#7449)
### **User description**
<details open>
<summary><a href="https://tyktech.atlassian.net/browse/TT-15141"
title="TT-15141" target="_blank">TT-15141</a></summary>
 <br />
 <table>
 <tr>
 <th>Summary</th>
<td>Toggling default policy from inactive to active does not activate
JWT in some cases</td>
 </tr>
 <tr>
 <th>Type</th>
 <td>
<img alt="Bug"
src="https://tyktech.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10303?size=medium"
/>
 Bug
 </td>
 </tr>
 <tr>
 <th>Status</th>
 <td>Ready for Testing</td>
 </tr>
 <tr>
 <th>Points</th>
 <td>N/A</td>
 </tr>
 <tr>
 <th>Labels</th>
<td><a
href="https://tyktech.atlassian.net/issues?jql=project%20%3D%20TT%20AND%20labels%20%3D%202025_long_tail%20ORDER%20BY%20created%20DESC"
title="2025_long_tail">2025_long_tail</a>, <a
href="https://tyktech.atlassian.net/issues?jql=project%20%3D%20TT%20AND%20labels%20%3D%202025_r5_candidate%20ORDER%20BY%20created%20DESC"
title="2025_r5_candidate">2025_r5_candidate</a>, <a
href="https://tyktech.atlassian.net/issues?jql=project%20%3D%20TT%20AND%20labels%20%3D%20AI-Complexity-Medium%20ORDER%20BY%20created%20DESC"
title="AI-Complexity-Medium">AI-Complexity-Medium</a>, <a
href="https://tyktech.atlassian.net/issues?jql=project%20%3D%20TT%20AND%20labels%20%3D%20AI-Priority-High%20ORDER%20BY%20created%20DESC"
title="AI-Priority-High">AI-Priority-High</a>, <a
href="https://tyktech.atlassian.net/issues?jql=project%20%3D%20TT%20AND%20labels%20%3D%20codilime_refined%20ORDER%20BY%20created%20DESC"
title="codilime_refined">codilime_refined</a>, <a
href="https://tyktech.atlassian.net/issues?jql=project%20%3D%20TT%20AND%20labels%20%3D%20customer_bug%20ORDER%20BY%20created%20DESC"
title="customer_bug">customer_bug</a>, <a
href="https://tyktech.atlassian.net/issues?jql=project%20%3D%20TT%20AND%20labels%20%3D%20jira_escalated%20ORDER%20BY%20created%20DESC"
title="jira_escalated">jira_escalated</a></td>
 </tr>
 </table>
</details>
<!--
 do not remove this marker as it will break jira-lint's functionality.
 added_by_jira_lint
-->
---
<!-- Provide a general summary of your changes in the Title above -->
## Description
This PR reverts session save change.
## Related Issue
<!-- This project only accepts pull requests related to open issues. -->
<!-- If suggesting a new feature or change, please discuss it in an
issue first. -->
<!-- If fixing a bug, there should be an issue describing it with steps
to reproduce. -->
<!-- OSS: Please link to the issue here. Tyk: please create/link the
JIRA ticket. -->
## Motivation and Context
<!-- Why is this change required? What problem does it solve? -->
## How This Has Been Tested
<!-- Please describe in detail how you tested your changes -->
<!-- Include details of your testing environment, and the tests -->
<!-- you ran to see how your change affects other areas of the code,
etc. -->
<!-- This information is helpful for reviewers and QA. -->
## Screenshots (if appropriate)
## Types of changes
<!-- What types of changes does your code introduce? Put an `x` in all
the boxes that apply: -->
- [x] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing
functionality to change)
- [ ] Refactoring or add test (improvements in base code or adds test
coverage to functionality)
## Checklist
<!-- Go over all the following points, and put an `x` in all the boxes
that apply -->
<!-- If there are no documentation updates required, mark the item as
checked. -->
<!-- Raise up any additional concerns not covered by the checklist. -->
- [ ] I ensured that the documentation is up to date
- [ ] I explained why this PR updates go.mod in detail with reasoning
why it's required
- [ ] I would like a code coverage CI quality gate exception and have
explained why
___
### **PR Type**
Bug fix, Enhancement
___
### **Description**
- Remove unnecessary session Touch call
- Prevent unintended session save side effects
- Avoid performance impact from extra writes
___
### Diagram Walkthrough
```mermaid
flowchart LR
 ApplyPolicy["Apply policy to session"] -- "previously called" --> TouchSession["session.Touch()"]
 ApplyPolicy -- "now" --> ReturnOnly["return without touching session"]
```
<details> <summary><h3> File Walkthrough</h3></summary>
<table><thead><tr><th></th><th align="left">Relevant
files</th></tr></thead><tbody><tr><td><strong>Bug
fix</strong></td><td><table>
<tr>
 <td>
 <details>
<summary><strong>apply.go</strong><dd><code>Stop touching session after
applying policies</code>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; </dd></summary>
<hr>
internal/policy/apply.go
<ul><li>Remove <code>session.Touch()</code> at end of
<code>Apply</code>.<br> <li> Preserve error when no valid policies
applied.<br> <li> Keep access rights update logic unchanged.</ul>
</details>
 </td>
<td><a
href="https://github.com/TykTechnologies/tyk/pull/7449/files#diff-59b92e9d31f142f1d99b746eb3ff7db4e26bf6c3044c9b87b58034a947ee04d1">+0/-2</a>&nbsp;
&nbsp; &nbsp; </td>
</tr>
</table></td></tr></tr></tbody></table>
</details>
___
(cherry picked from commit 817e09f)