diff --git a/frappe/auth.py b/frappe/auth.py
index ea7eb34b05..99601cf3aa 100644
--- a/frappe/auth.py
+++ b/frappe/auth.py
@@ -38,12 +38,12 @@ class HTTPRequest:
 		# load cookies
 		self.set_cookies()
 
-		# login and start/resume user session
-		self.set_session()
-
 		# set request language
 		self.set_lang()
 
+		# login and start/resume user session
+		self.set_session()
+
 		# match csrf token from current session
 		self.validate_csrf_token()
 
@@ -631,7 +631,7 @@ def validate_oauth(authorization_header):
 	Authenticate request using OAuth and set session user
 
 	Args:
-	        authorization_header (list of str): The 'Authorization' header containing the prefix and token
+			authorization_header (list of str): The 'Authorization' header containing the prefix and token
 	"""
 
 	from frappe.integrations.oauth2 import get_oauth_server
@@ -671,7 +671,7 @@ def validate_auth_via_api_keys(authorization_header):
 	Authenticate request using API keys and set session user
 
 	Args:
-	        authorization_header (list of str): The 'Authorization' header containing the prefix and token
+			authorization_header (list of str): The 'Authorization' header containing the prefix and token
 	"""
 
 	try: