From 97394df0b9cbe183d4fa91c44861e46708d18459 Mon Sep 17 00:00:00 2001
From: Jason Hu <awarecan@users.noreply.github.com>
Date: Fri, 11 Jan 2019 00:26:25 -0800
Subject: [PATCH] Only authenticate request when owner can be found

---
 homeassistant/components/http/auth.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/homeassistant/components/http/auth.py b/homeassistant/components/http/auth.py
index 6cd211613ce..a515fcd198e 100644
--- a/homeassistant/components/http/auth.py
+++ b/homeassistant/components/http/auth.py
@@ -92,8 +92,8 @@ def setup_auth(app, trusted_networks, api_password):
             for user in users:
                 if user.is_owner:
                     request['hass_user'] = user
+                    authenticated = True
                     break
-            authenticated = True
 
         request[KEY_AUTHENTICATED] = authenticated
         return await handler(request)