Don't check for credentials on the login API

The web server should not be checking for credentials on the login
API. This allows the GUI to check the old password on a password
change.

Resolves openbmc/openbmc#3190

Tested: Verfied login still works and tested changing the user
password from the GUI.
Change-Id: I7c3570d50c011a0327a34f09b447dec5ca42cb9f
Signed-off-by: Gunnar Mills <[email protected]>

Author: gtmills

module/obmc/wsgi/apps/rest_dbus.py

@@ -687,10 +687,6 @@ def do_logout(self, **kw):
         return self.no_user_str
 
     def do_login(self, **kw):
-        session = self.get_session_from_cookie()
-        if session is not None:
-            return self.login_str % (session['user'], 'in')
-
         if len(request.parameter_list) != 2:
             abort(400, self.bad_json_str % (request.json))