Redirect unauthenticated browser requests to /login instead of returning 401

2026-06-03 00:55:48 +01:00
parent 407a0c15e1
commit 6afc464d53
1 changed files with 11 additions and 2 deletions
--- a/manager/main.py
+++ b/manager/main.py
@@ -52,9 +52,16 @@ def _check_auth(request: Request) -> bool:

 def _require_auth(request: Request) -> None:
    if not _check_auth(request):
+        from fastapi.responses import RedirectResponse
        raise HTTPException(status_code=401, detail="Unauthorized")


+def _redirect_if_unauth(request: Request):
+    if not _check_auth(request):
+        return RedirectResponse("/login", status_code=303)
+    return None
+
+
 # ── Auth ──────────────────────────────────────────────────────────────────────

@app.get("/login", response_class=HTMLResponse)
@@ -82,7 +89,8 @@ async def logout():

@app.get("/", response_class=HTMLResponse)
 async def index(request: Request):
-    _require_auth(request)
+    if redir := _redirect_if_unauth(request):
+        return redir
    all_profiles = db.list_profiles()
    for p in all_profiles:
        p["running"] = pm.is_running(p["id"])
@@ -96,7 +104,8 @@ async def index(request: Request):

@app.get("/profile/{profile_id}", response_class=HTMLResponse)
 async def profile_page(request: Request, profile_id: int):
-    _require_auth(request)
+    if redir := _redirect_if_unauth(request):
+        return redir
    profile = db.get_profile(profile_id)
    if not profile:
        raise HTTPException(404, "Profile not found")