Move SecurityException

2024-07-03 12:23:27 +02:00 · 2020-10-15 08:02:59 -06:00 · 2020-10-15 08:02:59 -06:00 · d5c226b1c3
parent 4b6889615b
commit d5c226b1c3
2 changed files with 6 additions and 1 deletions
--- a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
+++ b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
@ -19,6 +19,11 @@ namespace Emby.Server.Implementations.HttpServer.Security
        public AuthorizationInfo Authenticate(HttpRequest request)
        {
            var auth = _authorizationContext.GetAuthorizationInfo(request);
+            if (auth == null)
+            {
+                throw new SecurityException("Unauthenticated request.");
+            }
+
            if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false)
            {
                throw new SecurityException("User account has been disabled.");
--- a/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
+++ b/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
@ -114,7 +114,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
            if (string.IsNullOrWhiteSpace(token))
            {
                // Request doesn't contain a token.
-                throw new SecurityException("Unauthorized.");
+                return (null, null);
            }

            var result = _authRepo.Get(new AuthenticationInfoQuery