Authentication should be checked earlier in the server pipeline, close …

…#93.
theRainbird · Dec 5, 2024 · 70aaa33 · 70aaa33
1 parent ff483f3
commit 70aaa33
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/CoreRemoting/RemotingSession.cs b/CoreRemoting/RemotingSession.cs
@@ -427,6 +427,9 @@ private void ProcessRpcMessage(WireMessage request)
             {
                 CurrentSession.Value = this;
 
+                if (_server.Config.AuthenticationRequired && !_isAuthenticated)
+                    throw new NetworkException("Session is not authenticated.");
+
                 var service = _server.ServiceRegistry.GetService(callMessage.ServiceName);
                 var serviceInterfaceType =
                     _server.ServiceRegistry.GetServiceInterfaceType(callMessage.ServiceName);
@@ -448,9 +451,6 @@ private void ProcessRpcMessage(WireMessage request)
                         methodName: callMessage.MethodName);
 
                 oneWay = method.GetCustomAttribute<OneWayAttribute>() != null;
-
-                if (_server.Config.AuthenticationRequired && !_isAuthenticated)
-                    throw new NetworkException("Session is not authenticated.");
             }
             catch (Exception ex)
             {