From 8aa562afee509c9eff63457c9fb028f0fcf1a231 Mon Sep 17 00:00:00 2001
From: Pilzinsel64 <pascal.schedel@dr-schneider.com>
Date: Wed, 4 Jun 2025 09:21:58 +0200
Subject: [PATCH] always check authentication

---
 Pilz.Net/Api/ApiServer.cs | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/Pilz.Net/Api/ApiServer.cs b/Pilz.Net/Api/ApiServer.cs
index 0bd7dfe..76b568e 100644
--- a/Pilz.Net/Api/ApiServer.cs
+++ b/Pilz.Net/Api/ApiServer.cs
@@ -481,10 +481,9 @@ public class ApiServer : IApiServer
         // Check authentication
         Log.Debug("Check authentication");
         var isAuthenticated = false;
-        if (!string.IsNullOrWhiteSpace(authKey) && DecodeAuthKey(authKey) is string authKeyDecoded)
-            isAuthenticated = CheckAuthentication(authKeyDecoded, handler.Handler, context);
-        else
+        if (string.IsNullOrWhiteSpace(authKey) || DecodeAuthKey(authKey) is not string authKeyDecoded)
             authKeyDecoded = null!;
+        isAuthenticated = CheckAuthentication(authKeyDecoded, handler.Handler, context);
         if (handler.Attribute.RequiesAuth && !isAuthenticated)
             return new(ApiResult.Unauthorized(), null);