diff options
| author | crobibero <cody@robibe.ro> | 2020-10-15 08:02:59 -0600 |
|---|---|---|
| committer | crobibero <cody@robibe.ro> | 2020-10-15 08:02:59 -0600 |
| commit | d5c226b1c3b04fa824adbcdc3eb0cbe09815f643 (patch) | |
| tree | 8a40dd4028f01162eb5b93cb6ac3a026c0f1b6f2 | |
| parent | 4b6889615b877448b0a895b36c835e8d332584c6 (diff) | |
Move SecurityException
| -rw-r--r-- | Emby.Server.Implementations/HttpServer/Security/AuthService.cs | 5 | ||||
| -rw-r--r-- | Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs index 50c5b5b79..7d53e886f 100644 --- a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs +++ b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs @@ -19,6 +19,11 @@ namespace Emby.Server.Implementations.HttpServer.Security public AuthorizationInfo Authenticate(HttpRequest request) { var auth = _authorizationContext.GetAuthorizationInfo(request); + if (auth == null) + { + throw new SecurityException("Unauthenticated request."); + } + if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false) { throw new SecurityException("User account has been disabled."); diff --git a/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs b/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs index c7666452c..1f647b78b 100644 --- a/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs +++ b/Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs @@ -114,7 +114,7 @@ namespace Emby.Server.Implementations.HttpServer.Security if (string.IsNullOrWhiteSpace(token)) { // Request doesn't contain a token. - throw new SecurityException("Unauthorized."); + return (null, null); } var result = _authRepo.Get(new AuthenticationInfoQuery |