From 40897bac1494791e1ec6abcfe85cda27d4664a32 Mon Sep 17 00:00:00 2001
From: Luke Pulverenti <luke.pulverenti@gmail.com>
Date: Sat, 8 Nov 2014 22:18:14 -0500
Subject: fixes #941 - Rework password recovery and remove IsLocal checks

---
 .../HttpServer/Security/AuthService.cs                    | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

(limited to 'MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs')

diff --git a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs
index 295f0c775..dde61079b 100644
--- a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs
+++ b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs
@@ -63,17 +63,14 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security
             // This code is executed before the service
             var auth = AuthorizationContext.GetAuthorizationInfo(req);
 
-            if (!authAttribtues.AllowLocal || !req.IsLocal)
+            if (!string.IsNullOrWhiteSpace(auth.Token) ||
+                !_config.Configuration.InsecureApps6.Contains(auth.Client ?? string.Empty, StringComparer.OrdinalIgnoreCase))
             {
-                if (!string.IsNullOrWhiteSpace(auth.Token) ||
-                    !_config.Configuration.InsecureApps6.Contains(auth.Client ?? string.Empty, StringComparer.OrdinalIgnoreCase))
-                {
-                    var valid = IsValidConnectKey(auth.Token);
+                var valid = IsValidConnectKey(auth.Token);
 
-                    if (!valid)
-                    {
-                        SessionManager.ValidateSecurityToken(auth.Token);
-                    }
+                if (!valid)
+                {
+                    SessionManager.ValidateSecurityToken(auth.Token);
                 }
             }
 
-- 
cgit v1.2.3