3 files changed, 9 insertions, 11 deletions

diff --git a/MediaBrowser.Server.Implementations/HttpServer/HttpListenerHost.cs b/MediaBrowser.Server.Implementations/HttpServer/HttpListenerHost.cs
index e69ff367a..c284007f7 100644
--- a/MediaBrowser.Server.Implementations/HttpServer/HttpListenerHost.cs
+++ b/MediaBrowser.Server.Implementations/HttpServer/HttpListenerHost.cs
@@ -348,6 +348,12 @@ namespace MediaBrowser.Server.Implementations.HttpServer
                 return Task.FromResult(true);
             }
 
+            if (string.Equals(localPath, "/emby/pin", StringComparison.OrdinalIgnoreCase))
+            {
+                httpRes.RedirectToUrl("web/pin.html");
+                return Task.FromResult(true);
+            }
+            
             if (!string.IsNullOrWhiteSpace(GlobalResponse))
             {
                 httpRes.StatusCode = 503;
diff --git a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs
index f6b14fcab..d8f7d889c 100644
--- a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs
+++ b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs
@@ -134,20 +134,17 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security
 
         private bool IsExemptFromAuthenticationToken(AuthorizationInfo auth, IAuthenticationAttributes authAttribtues)
         {
-            if (!_config.Configuration.IsStartupWizardCompleted &&
-                authAttribtues.AllowBeforeStartupWizard)
+            if (!_config.Configuration.IsStartupWizardCompleted && authAttribtues.AllowBeforeStartupWizard)
             {
                 return true;
             }
 
-            return _config.Configuration.InsecureApps9.Contains(auth.Client ?? string.Empty,
-                StringComparer.OrdinalIgnoreCase);
+            return false;
         }
 
         private bool IsExemptFromRoles(AuthorizationInfo auth, IAuthenticationAttributes authAttribtues, AuthenticationInfo tokenInfo)
         {
-            if (!_config.Configuration.IsStartupWizardCompleted &&
-                authAttribtues.AllowBeforeStartupWizard)
+            if (!_config.Configuration.IsStartupWizardCompleted && authAttribtues.AllowBeforeStartupWizard)
             {
                 return true;
             }
diff --git a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthorizationContext.cs b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
index 75d54a80a..357f5c976 100644
--- a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
+++ b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthorizationContext.cs
@@ -45,7 +45,6 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security
         {
             var auth = GetAuthorizationDictionary(httpReq);
 
-            string userId = null;
             string deviceId = null;
             string device = null;
             string client = null;
@@ -53,9 +52,6 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security
 
             if (auth != null)
             {
-                // TODO: Remove this 
-                auth.TryGetValue("UserId", out userId);
-
                 auth.TryGetValue("DeviceId", out deviceId);
                 auth.TryGetValue("Device", out device);
                 auth.TryGetValue("Client", out client);
@@ -78,7 +74,6 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security
                 Client = client,
                 Device = device,
                 DeviceId = deviceId,
-                UserId = userId,
                 Version = version,
                 Token = token
             };