'/' and '/index.html' were in PUBLIC_PATHS, so setting a password and refreshing the root URL would show the app blank (JS loaded but all API calls returned 401) instead of redirecting to /login. Root and index.html must be protected paths so the browser gets a 302 -> /login when auth is active and no valid session cookie exists.
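The allowlist behaviour described in this commit message, sketched as an added example that is not the project's own code: `gate`, `unprotected_pages`, the `/api/` prefix and the `/api/login` entry are assumptions made for illustration; only `PUBLIC_PATHS`, `/`, `/index.html` and `/login` come from the message.

```python
# Added illustration, not the project's code. Path sets are constructed samples.
BUGGY_PUBLIC_PATHS = {"/", "/index.html", "/login", "/api/login"}
FIXED_PUBLIC_PATHS = {"/login", "/api/login"}  # root and index.html now protected


def gate(path, *, auth_active, has_session, public_paths):
    """Return (status, location) that the auth layer answers with for a request."""
    if not auth_active or has_session or path in public_paths:
        return (200, None)          # request is served normally
    if path.startswith("/api/"):    # assumed API prefix
        return (401, None)          # API callers get a status code, not a redirect
    return (302, "/login")          # page navigations are sent to the login form


def unprotected_pages(public_paths, pages=("/", "/index.html")):
    """Regression check: app-shell pages an anonymous browser can still load."""
    return [
        p for p in pages
        if gate(p, auth_active=True, has_session=False,
                public_paths=public_paths)[0] == 200
    ]


if __name__ == "__main__":
    for name, paths in (("buggy", BUGGY_PUBLIC_PATHS), ("fixed", FIXED_PUBLIC_PATHS)):
        for path in ("/", "/index.html", "/api/items", "/login"):
            result = gate(path, auth_active=True, has_session=False,
                          public_paths=paths)
            print(f"{name:5} {path:12} -> {result}")
        print(f"{name:5} unprotected shell pages: {unprotected_pages(paths)}")
```

With the buggy set the shell page is served while `/api/items` answers 401, which is the blank app described above; with the fixed set the same request is redirected to `/login`.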