From 40897bac1494791e1ec6abcfe85cda27d4664a32 Mon Sep 17 00:00:00 2001
From: Luke Pulverenti <luke.pulverenti@gmail.com>
Date: Sat, 8 Nov 2014 22:18:14 -0500
Subject: fixes #941 - Rework password recovery and remove IsLocal checks

---
 MediaBrowser.Server.Implementations/Session/SessionManager.cs | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

(limited to 'MediaBrowser.Server.Implementations/Session')

diff --git a/MediaBrowser.Server.Implementations/Session/SessionManager.cs b/MediaBrowser.Server.Implementations/Session/SessionManager.cs
index ac8068744..d6db836cc 100644
--- a/MediaBrowser.Server.Implementations/Session/SessionManager.cs
+++ b/MediaBrowser.Server.Implementations/Session/SessionManager.cs
@@ -1300,23 +1300,16 @@ namespace MediaBrowser.Server.Implementations.Session
         /// Authenticates the new session.
         /// </summary>
         /// <param name="request">The request.</param>
-        /// <param name="isLocal">if set to <c>true</c> [is local].</param>
         /// <returns>Task{SessionInfo}.</returns>
         /// <exception cref="AuthenticationException">Invalid user or password entered.</exception>
         /// <exception cref="System.UnauthorizedAccessException">Invalid user or password entered.</exception>
         /// <exception cref="UnauthorizedAccessException">Invalid user or password entered.</exception>
-        public async Task<AuthenticationResult> AuthenticateNewSession(AuthenticationRequest request,
-            bool isLocal)
+        public async Task<AuthenticationResult> AuthenticateNewSession(AuthenticationRequest request)
         {
             var user = _userManager.Users
                 .FirstOrDefault(i => string.Equals(request.Username, i.Name, StringComparison.OrdinalIgnoreCase));
 
-            var allowWithoutPassword = isLocal &&
-                                       string.Equals(request.App, "Dashboard", StringComparison.OrdinalIgnoreCase)
-                                       && !(user != null && user.ConnectLinkType.HasValue && user.ConnectLinkType.Value == UserLinkType.Guest);
-
-            var result = allowWithoutPassword ||
-                await _userManager.AuthenticateUser(request.Username, request.PasswordSha1, request.PasswordMd5, request.RemoteEndPoint).ConfigureAwait(false);
+            var result = await _userManager.AuthenticateUser(request.Username, request.PasswordSha1, request.PasswordMd5, request.RemoteEndPoint).ConfigureAwait(false);
 
             if (!result)
             {
-- 
cgit v1.2.3