From 8dcd8d17b5eff0db99efc83adf98100510d7b1a2 Mon Sep 17 00:00:00 2001
From: Mark McDowall <markus.mcd5@gmail.com>
Date: Sun, 27 Dec 2015 00:59:28 -0800
Subject: [PATCH] Fixed: Username must not be null or empty when logging in

---
 src/NzbDrone.Api/Authentication/AuthenticationModule.cs | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/NzbDrone.Api/Authentication/AuthenticationModule.cs b/src/NzbDrone.Api/Authentication/AuthenticationModule.cs
index ac87b5f0d..89467cf48 100644
--- a/src/NzbDrone.Api/Authentication/AuthenticationModule.cs
+++ b/src/NzbDrone.Api/Authentication/AuthenticationModule.cs
@@ -3,6 +3,7 @@
 using Nancy.Authentication.Forms;
 using Nancy.Extensions;
 using Nancy.ModelBinding;
+using NzbDrone.Common.EnsureThat;
 using NzbDrone.Core.Authentication;
 using NzbDrone.Core.Configuration;
 
@@ -23,6 +24,11 @@ public AuthenticationModule(IUserService userService, IConfigFileProvider config
 
         private Response Login(LoginResource resource)
         {
+            Ensure.That(resource.Username, () => resource.Username).IsNotNullOrWhiteSpace();
+
+            // TODO: A null or empty password should not be allowed, uncomment in v3
+            //Ensure.That(resource.Password, () => resource.Password).IsNotNullOrWhiteSpace();
+
             var user = _userService.FindUser(resource.Username, resource.Password);
 
             if (user == null)