Allow apikey to authenticate as admin

author: crobibero <cody@robibe.ro> 2020-10-14 17:58:33 -0600
committer: crobibero <cody@robibe.ro> 2020-10-14 17:58:33 -0600
commit: 39924f99927ae85b85095cfe9c2d7fb4ece7e75a (patch)
tree: b6727c2049d711d4c720c9208db4a02bc758e8bd /Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
parent: 8ffa14e6d3436cd6533bf43241c356f803b06845 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
index d732b6bc6..c4567d058 100644
--- a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
+++ b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
@@ -1,4 +1,5 @@
-using System.Security.Claims;
+using System;
+using System.Security.Claims;
 using Jellyfin.Api.Helpers;
 using Jellyfin.Data.Enums;
 using MediaBrowser.Common.Extensions;
@@ -57,6 +58,12 @@ namespace Jellyfin.Api.Auth
                 return false;
             }
 
+            // UserId of Guid.Empty means token is an apikey.
+            if (userId.Equals(Guid.Empty))
+            {
+                return true;
+            }
+
             // Ensure userId links to a valid user.
             var user = _userManager.GetUserById(userId.Value);
             if (user == null)
author	crobibero <cody@robibe.ro>	2020-10-14 17:58:33 -0600
committer	crobibero <cody@robibe.ro>	2020-10-14 17:58:33 -0600
commit	39924f99927ae85b85095cfe9c2d7fb4ece7e75a (patch)
tree	b6727c2049d711d4c720c9208db4a02bc758e8bd /Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
parent	8ffa14e6d3436cd6533bf43241c356f803b06845 (diff)