Fix notice

lib/REST.php

@@ -134,10 +134,7 @@ class REST {
         } elseif (isset($env['REMOTE_USER'])) {
             $user = $env['REMOTE_USER'];
         }
-        if (strlen($user)) {
-            $valid = Arsse::$user->auth($user, $password);
-        }
-        if ($valid) {
+        if (strlen($user) && Arsse::$user->auth($user, $password)) {
             $req = $req->withAttribute("authenticated", true);
             $req = $req->withAttribute("authenticatedUser", $user);
         }