change authentication flow

1 files changed, 6 insertions, 10 deletions

diff --git a/Emby.Server.Implementations/Session/SessionManager.cs b/Emby.Server.Implementations/Session/SessionManager.cs
index ec3e87573..659483a36 100644
--- a/Emby.Server.Implementations/Session/SessionManager.cs
+++ b/Emby.Server.Implementations/Session/SessionManager.cs
@@ -1379,20 +1379,16 @@ namespace Emby.Server.Implementations.Session
                 user = _userManager.GetUserByName(request.Username);
             }
 
-            if (user != null)
+            if (user == null)
             {
-                // TODO: Move this to userManager?
-                if (!string.IsNullOrEmpty(request.DeviceId)
-                    && !_deviceManager.CanAccessDevice(user, request.DeviceId))
-                {
-                    throw new SecurityException("User is not allowed access from this device.");
-                }
+                AuthenticationFailed?.Invoke(this, new GenericEventArgs<AuthenticationRequest>(request));
+                throw new SecurityException("Invalid username or password entered.");
             }
 
-            if (user == null)
+            if (!string.IsNullOrEmpty(request.DeviceId)
+                && !_deviceManager.CanAccessDevice(user, request.DeviceId))
             {
-                AuthenticationFailed?.Invoke(this, new GenericEventArgs<AuthenticationRequest>(request));
-                throw new SecurityException("Invalid user or password entered.");
+                throw new SecurityException("User is not allowed access from this device.");
             }
 
             if (enforcePassword)