From 1a7f621502a962763aa1d73f2a49caee6b2ed38b Mon Sep 17 00:00:00 2001
From: johnniang <johnniang@riseup.net>
Date: Mon, 29 Apr 2019 13:52:45 +0800
Subject: [PATCH] Remove session authentication

---
 .../security/filter/AdminAuthenticationFilter.java | 14 --------------
 1 file changed, 14 deletions(-)

diff --git a/src/main/java/run/halo/app/security/filter/AdminAuthenticationFilter.java b/src/main/java/run/halo/app/security/filter/AdminAuthenticationFilter.java
index a7b0aaa27..54d38cb4d 100644
--- a/src/main/java/run/halo/app/security/filter/AdminAuthenticationFilter.java
+++ b/src/main/java/run/halo/app/security/filter/AdminAuthenticationFilter.java
@@ -115,20 +115,6 @@ public class AdminAuthenticationFilter extends AbstractAuthenticationFilter {
             return;
         }
 
-        // Get info from session
-        Object adminSessionValue = request.getSession().getAttribute(ADMIN_SESSION_KEY);
-
-        if (adminSessionValue instanceof UserDetail) {
-            // Convert to user detail
-            UserDetail userDetail = (UserDetail) adminSessionValue;
-
-            // Set security context
-            SecurityContextHolder.setContext(new SecurityContextImpl(new AuthenticationImpl(userDetail)));
-
-            filterChain.doFilter(request, response);
-            return;
-        }
-
         if (shouldSkipAuthenticateFailure(request)) {
             // If should skip this authentication failure
             log.debug("Skipping authentication failure, url: [{}], method: [{}]", request.getServletPath(), request.getMethod());