Move SecurityException

Emby.Server.Implementations/HttpServer/Security/AuthService.cs

@@ -19,6 +19,11 @@ namespace Emby.Server.Implementations.HttpServer.Security
         public AuthorizationInfo Authenticate(HttpRequest request)
         {
             var auth = _authorizationContext.GetAuthorizationInfo(request);
+            if (auth == null)
+            {
+                throw new SecurityException("Unauthenticated request.");
+            }
+
             if (auth.User?.HasPermission(PermissionKind.IsDisabled) ?? false)
             {
                 throw new SecurityException("User account has been disabled.");

Emby.Server.Implementations/HttpServer/Security/AuthorizationContext.cs

@@ -114,7 +114,7 @@ namespace Emby.Server.Implementations.HttpServer.Security
             if (string.IsNullOrWhiteSpace(token))
             {
                 // Request doesn't contain a token.
-                throw new SecurityException("Unauthorized.");
+                return (null, null);
             }
 
             var result = _authRepo.Get(new AuthenticationInfoQuery