mirror of
				https://github.com/jellyfin/jellyfin.git
				synced 2025-10-20 13:30:57 -04:00 
			
		
		
		
	Don't throw exception on unauthenticated requests
This commit is contained in:
		
							parent
							
								
									8868b34d78
								
							
						
					
					
						commit
						4a28f46cac
					
				| @ -24,7 +24,7 @@ namespace Emby.Server.Implementations.HttpServer.Security | ||||
| 
 | ||||
|             if (!auth.HasToken) | ||||
|             { | ||||
|                 throw new AuthenticationException("Request does not contain a token."); | ||||
|                 return auth; | ||||
|             } | ||||
| 
 | ||||
|             if (!auth.IsAuthenticated) | ||||
|  | ||||
| @ -35,7 +35,12 @@ namespace Emby.Server.Implementations.HttpServer | ||||
|         /// <inheritdoc /> | ||||
|         public async Task WebSocketRequestHandler(HttpContext context) | ||||
|         { | ||||
|             _ = await _authService.Authenticate(context.Request).ConfigureAwait(false); | ||||
|             var authorizationInfo = await _authService.Authenticate(context.Request).ConfigureAwait(false); | ||||
|             if (!authorizationInfo.IsAuthenticated) | ||||
|             { | ||||
|                 throw new SecurityException("Token is required"); | ||||
|             } | ||||
| 
 | ||||
|             try | ||||
|             { | ||||
|                 _logger.LogInformation("WS {IP} request", context.Connection.RemoteIpAddress); | ||||
|  | ||||
| @ -45,6 +45,11 @@ namespace Jellyfin.Api.Auth | ||||
|             try | ||||
|             { | ||||
|                 var authorizationInfo = await _authService.Authenticate(Request).ConfigureAwait(false); | ||||
|                 if (!authorizationInfo.HasToken) | ||||
|                 { | ||||
|                     return AuthenticateResult.NoResult(); | ||||
|                 } | ||||
| 
 | ||||
|                 var role = UserRoles.User; | ||||
|                 if (authorizationInfo.IsApiKey || authorizationInfo.User.HasPermission(PermissionKind.IsAdministrator)) | ||||
|                 { | ||||
|  | ||||
| @ -132,6 +132,8 @@ namespace Jellyfin.Api.Tests.Auth | ||||
|             authorizationInfo.User.AddDefaultPreferences(); | ||||
|             authorizationInfo.User.SetPermission(PermissionKind.IsAdministrator, isAdmin); | ||||
|             authorizationInfo.IsApiKey = false; | ||||
|             authorizationInfo.HasToken = true; | ||||
|             authorizationInfo.Token = "fake-token"; | ||||
| 
 | ||||
|             _jellyfinAuthServiceMock.Setup( | ||||
|                     a => a.Authenticate( | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user