Index: tokenauth.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/tokenauth/Attic/tokenauth.module,v
retrieving revision 1.11.4.31
diff -u -p -r1.11.4.31 tokenauth.module
--- tokenauth.module	2 Nov 2010 06:04:48 -0000	1.11.4.31
+++ tokenauth.module	6 Dec 2010 15:41:06 -0000
@@ -128,13 +128,12 @@ function tokenauth_exit() {
  * that also passes tokenauth's allowed pages filter.
  */
 function tokenauth_url_outbound_alter(&$path, &$options, $original_path) {
-  if (isset($_SESSION['tokenauth_auth']) && $_REQUEST['token'] == ($token = tokenauth_get_token())
-    && tokenauth_allowed_pages($original_path)) {
-
+  $token = tokenauth_get_token();
+  if (variable_get('tokenauth_force', '') == 1 && tokenauth_allowed_pages($original_path) ||
+      (isset($_SESSION['tokenauth_auth']) && $_REQUEST['token'] == $token)) {
     if (is_array($options['query'])) {
       $options['query']['token'] = $token;
-    }
-    else {
+    } else {
       $options['query'] .= 'token=' . $token;
     }
   }
Index: tokenauth.pages.inc
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/tokenauth/Attic/tokenauth.pages.inc,v
retrieving revision 1.1.2.6
diff -u -p -r1.1.2.6 tokenauth.pages.inc
--- tokenauth.pages.inc	2 Sep 2010 21:10:57 -0000	1.1.2.6
+++ tokenauth.pages.inc	6 Dec 2010 15:41:06 -0000
@@ -31,6 +31,12 @@ function tokenauth_admin_settings() {
     '#default_value' => variable_get('tokenauth_pages', "rss.xml\n*/feed\n*/opml"),
     '#description' => t("Enter one page per line as Drupal paths. The '*' character is a wildcard. Example paths are %blog for the blog page and %blog-wildcard for every personal blog. %front is the front page. Read <a href=\"http://api.drupal.org/api/function/drupal_match_path/6\">drupal_match_path()</a> for the details.", array('%blog' => 'blog', '%blog-wildcard' => 'blog/*', '%front' => '<front>')),
   );
+  $form['tokenauth_general']['tokenauth_force'] = array(
+    '#type' => 'checkbox',
+    '#title' => t('Always append token to URLs'),
+    '#default_value' => variable_get('tokenauth_force', ''),
+    '#description' => t('Apend token to URLs even if the user doesn\'t have their token in the browser location.'),
+  );
 
   $form['tokenauth_text'] = array(
     '#type' => 'fieldset',
@@ -71,6 +77,7 @@ function tokenauth_admin_settings() {
     '#value' => t('Reset tokens')
   );
 
+
   return system_settings_form($form);
 }