Move SecurityException

4 years ago · d5c226b1c3
parent 4b6889615b
commit d5c226b1c3
2 changed files with 6 additions and 1 deletions
--- a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
+++ b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
@ -19,6 +19,11 @@ namespace Emby.Server.Implementations.HttpServer.Security
        public AuthorizationInfo Authenticate(HttpRequest request)
        {
            var auth = _authorizationContext.GetAuthorizationInfo(request);
+            if (auth == null)
+            {
+                throw new SecurityException("Unauthenticated request.");
+            }
+
            if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false)
            {
                throw new SecurityException("User account has been disabled.");
--- a/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
+++ b/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
@ -114,7 +114,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
            if (string.IsNullOrWhiteSpace(token))
            {
                // Request doesn't contain a token.
-                throw new SecurityException("Unauthorized.");
+                return (null, null);
            }

            var result = _authRepo.Get(new AuthenticationInfoQuery