Prior to this MR, a null or blank authentication token in an API request would override any pre-configured repository password. This MR will prevent that.