Merge pull request #1926 from Bond-009/auth

Add clearer exceptions, warnings and docs
author: dkanada <dkanada@users.noreply.github.com> 2019-11-23 01:14:32 +0900
committer: GitHub <noreply@github.com> 2019-11-23 01:14:32 +0900
commit: 51cdc6ea166b6eae7f060ce05c74e83b34a94976 (patch)
tree: bc01564b696fb4bc323b547fdd03e2fe7893f93f /Emby.Server.Implementations/Session/SessionManager.cs
parent: 7b3c394a3e3df291a54811085dd0d32fc243f397 (diff)
parent: d7335f6ae6c9cb2b5000ca9be9c8b7f6f268af2a (diff)
1 files changed, 14 insertions, 13 deletions
diff --git a/Emby.Server.Implementations/Session/SessionManager.cs b/Emby.Server.Implementations/Session/SessionManager.cs
index 61329160a..d1392e162 100644
--- a/Emby.Server.Implementations/Session/SessionManager.cs
+++ b/Emby.Server.Implementations/Session/SessionManager.cs
@@ -1388,27 +1388,28 @@ namespace Emby.Server.Implementations.Session
             if (user != null)
             {
                 // TODO: Move this to userManager?
-                if (!string.IsNullOrEmpty(request.DeviceId))
+                if (!string.IsNullOrEmpty(request.DeviceId)
+                    && !_deviceManager.CanAccessDevice(user, request.DeviceId))
                 {
-                    if (!_deviceManager.CanAccessDevice(user, request.DeviceId))
-                    {
-                        throw new SecurityException("User is not allowed access from this device.");
-                    }
+                    throw new SecurityException("User is not allowed access from this device.");
                 }
             }
 
             if (enforcePassword)
             {
-                var result = await _userManager.AuthenticateUser(request.Username, request.Password, request.PasswordSha1, request.RemoteEndPoint, true).ConfigureAwait(false);
-
-                if (result == null)
-                {
-                    AuthenticationFailed?.Invoke(this, new GenericEventArgs<AuthenticationRequest>(request));
+                user = await _userManager.AuthenticateUser(
+                    request.Username,
+                    request.Password,
+                    request.PasswordSha1,
+                    request.RemoteEndPoint,
+                    true).ConfigureAwait(false);
+            }
 
-                    throw new SecurityException("Invalid user or password entered.");
-                }
+            if (user == null)
+            {
+                AuthenticationFailed?.Invoke(this, new GenericEventArgs<AuthenticationRequest>(request));
 
-                user = result;
+                throw new SecurityException("Invalid user or password entered.");
             }
 
             var token = GetAuthorizationToken(user, request.DeviceId, request.App, request.AppVersion, request.DeviceName);
author	dkanada <dkanada@users.noreply.github.com>	2019-11-23 01:14:32 +0900
committer	GitHub <noreply@github.com>	2019-11-23 01:14:32 +0900
commit	51cdc6ea166b6eae7f060ce05c74e83b34a94976 (patch)
tree	bc01564b696fb4bc323b547fdd03e2fe7893f93f /Emby.Server.Implementations/Session/SessionManager.cs
parent	7b3c394a3e3df291a54811085dd0d32fc243f397 (diff)
parent	d7335f6ae6c9cb2b5000ca9be9c8b7f6f268af2a (diff)