@ -134,10 +134,7 @@ class REST {
} elseif (isset($env['REMOTE_USER'])) {
$user = $env['REMOTE_USER'];
}
if (strlen($user)) {
$valid = Arsse::$user->auth($user, $password);
if ($valid) {
if (strlen($user) && Arsse::$user->auth($user, $password)) {
$req = $req->withAttribute("authenticated", true);
$req = $req->withAttribute("authenticatedUser", $user);