Merge pull request #4330 from crobibero/api-key-auth

Fix ApiKey authentication
author: Claus Vium <cvium@users.noreply.github.com> 2020-11-08 08:20:50 +0100
committer: GitHub <noreply@github.com> 2020-11-08 08:20:50 +0100
commit: c17f84ae484b9018953bfc2904819f30222b9c32 (patch)
tree: 405b770e78681b04eabb091f476c85c06635a17e /Emby.Server.Implementations/HttpServer/Security/AuthService.cs
parent: 1bd5f780250993b01e551699f54f703032a0d1dd (diff)
parent: 8b83e4e972243db618972e33705b959bf98ca9f4 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
index 68d981ad1..7d53e886f 100644
--- a/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
+++ b/Emby.Server.Implementations/HttpServer/Security/AuthService.cs
@@ -19,12 +19,12 @@ namespace Emby.Server.Implementations.HttpServer.Security
         public AuthorizationInfo Authenticate(HttpRequest request)
         {
             var auth = _authorizationContext.GetAuthorizationInfo(request);
-            if (auth?.User == null)
+            if (auth == null)
             {
-                return null;
+                throw new SecurityException("Unauthenticated request.");
             }
 
-            if (auth.User.HasPermission(PermissionKind.IsDisabled))
+            if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false)
             {
                 throw new SecurityException("User account has been disabled.");
             }
author	Claus Vium <cvium@users.noreply.github.com>	2020-11-08 08:20:50 +0100
committer	GitHub <noreply@github.com>	2020-11-08 08:20:50 +0100
commit	c17f84ae484b9018953bfc2904819f30222b9c32 (patch)
tree	405b770e78681b04eabb091f476c85c06635a17e /Emby.Server.Implementations/HttpServer/Security/AuthService.cs
parent	1bd5f780250993b01e551699f54f703032a0d1dd (diff)
parent	8b83e4e972243db618972e33705b959bf98ca9f4 (diff)