From 6afc464d5318f1546a815939e1f4183a3f1b3b4a Mon Sep 17 00:00:00 2001
From: Jon <git@jonstarkey.co.uk>
Date: Wed, 3 Jun 2026 00:55:48 +0100
Subject: [PATCH] Redirect unauthenticated browser requests to /login instead
 of returning 401

---
 manager/main.py | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/manager/main.py b/manager/main.py
index 3384f5e..c9ff739 100644
--- a/manager/main.py
+++ b/manager/main.py
@@ -52,9 +52,16 @@ def _check_auth(request: Request) -> bool:
 
 def _require_auth(request: Request) -> None:
     if not _check_auth(request):
+        from fastapi.responses import RedirectResponse
         raise HTTPException(status_code=401, detail="Unauthorized")
 
 
+def _redirect_if_unauth(request: Request):
+    if not _check_auth(request):
+        return RedirectResponse("/login", status_code=303)
+    return None
+
+
 # ── Auth ──────────────────────────────────────────────────────────────────────
 
 @app.get("/login", response_class=HTMLResponse)
@@ -82,7 +89,8 @@ async def logout():
 
 @app.get("/", response_class=HTMLResponse)
 async def index(request: Request):
-    _require_auth(request)
+    if redir := _redirect_if_unauth(request):
+        return redir
     all_profiles = db.list_profiles()
     for p in all_profiles:
         p["running"] = pm.is_running(p["id"])
@@ -96,7 +104,8 @@ async def index(request: Request):
 
 @app.get("/profile/{profile_id}", response_class=HTMLResponse)
 async def profile_page(request: Request, profile_id: int):
-    _require_auth(request)
+    if redir := _redirect_if_unauth(request):
+        return redir
     profile = db.get_profile(profile_id)
     if not profile:
         raise HTTPException(404, "Profile not found")