Implemented check for header auth enabled also in backend

3 years ago · df2092d5e3
parent 5ddda3c39e
commit df2092d5e3
1 changed files with 1 additions and 5 deletions
--- a/src/Ombi/Controllers/V1/TokenController.cs
+++ b/src/Ombi/Controllers/V1/TokenController.cs
@ -283,13 +283,9 @@ namespace Ombi.Controllers.V1
        {
            string username = null;

-            // Check if Header Auth is enabled and Proxy IP is trusted
-            // TODO
-            // var ombiSettings = await repo.GetSettingsAsync();
-            // END TODO
            var authSettings = await _authSettings.GetSettingsAsync();
            _log.LogInformation("Logging with header: " + authSettings.HeaderAuthVariable);
-            if (authSettings.HeaderAuthVariable != null)
+            if (authSettings.HeaderAuthVariable != null && authSettings.EnableHeaderAuth)
            {
                if (Request.HttpContext?.Request?.Headers != null && Request.HttpContext.Request.Headers.ContainsKey(authSettings.HeaderAuthVariable))
                {