diff --git a/app/models/comment.rb b/app/models/comment.rb
index ed6b638cb..0c1491ecf 100644
--- a/app/models/comment.rb
+++ b/app/models/comment.rb
@@ -60,12 +60,12 @@ class Comment < ActiveRecord::Base
       return data[:actual] unless data[:actual].nil?
       return false if diff.nil?
     end
+    return data[:actual] = true if commentable_type == 'Grit::Commit'
     filepath, line_number = data[:path], data[:line]
     diff_path = (diff || commentable.diffs ).select {|d| d.a_path == data[:path]}
     comment_line = data[:line].to_i
     # NB! also dont create a comment to the diff header
     return data[:actual] = false if diff_path.blank? || comment_line == 0
-    return data[:actual] = true if commentable_type == 'Grit::Commit'
     res, ind = true, 0
     diff_path[0].diff.each_line do |line|
       if self.persisted? && (comment_line-2..comment_line+2).include?(ind) && data.try('[]', "line#{ind-comment_line}") != line.chomp
@@ -95,6 +95,7 @@ class Comment < ActiveRecord::Base
       return true
     end
     self.data = {:path => params[:path], :line => params[:line]}
+    return actual_inline_comment?(nil, true) if commentable.is_a?(Grit::Commit)
     if commentable.is_a?(Issue) && pull = commentable.pull_request
       diff_path = pull.diff.select {|d| d.a_path == params[:path]}
       return false unless actual_inline_comment?(pull.diff, true)
diff --git a/app/models/user.rb b/app/models/user.rb
index ab277c086..b640134ed 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -86,13 +86,8 @@ class User < Avatar
   class << self
     def find_for_database_authentication(warden_conditions)
       conditions = warden_conditions.dup
-
       login = conditions.delete(:login)
-      pass  = conditions.delete(:pass)
-      user = User.where(conditions).where(:authentication_token => login).first ||
-             User.where(conditions).where(["lower(uname) = :value OR lower(email) = :value", { :value => login.downcase}]).first
-      return user if !user.access_locked? and (user.authentication_token == login or user.valid_password?(pass))
-      nil
+      where(conditions).where(["lower(uname) = :value OR lower(email) = :value", { :value => login.downcase }]).first
     end
 
     def new_with_session(params, session)
diff --git a/lib/plugins/grack/auth.rb b/lib/plugins/grack/auth.rb
index 4b2f14385..e61af897b 100644
--- a/lib/plugins/grack/auth.rb
+++ b/lib/plugins/grack/auth.rb
@@ -12,7 +12,9 @@ module Grack
         return render_not_found if project.blank?
 
         return ::Rack::Auth::Basic.new(@app) do |u, p|
-          user = User.find_for_database_authentication({:login => u, :pass => p}) and
+          user = (User.where(:authentication_token => u).first ||
+                      User.find_for_database_authentication(:login => u)) and
+          !user.access_locked? and (user.authentication_token == u or user.valid_password?(p)) and
           ability = ::Ability.new(user) and ability.can?(action, project) # project.members.include?(user)
         end.call(env) unless project.public? and read? # need auth
       end