From e9fceed80716b4e032e4ad0eca65b5fb005f02ae Mon Sep 17 00:00:00 2001 From: Tam Nhu Tran Date: Sat, 28 Mar 2026 21:21:16 -0400 Subject: [PATCH] fix(ui): redirect to login when auth check fails from remote access When the auth check API call fails (e.g., 403 from the localhost security middleware), the catch block assumed no auth was needed and marked the user as authenticated. This caused a silently broken dashboard with no providers and no error feedback. Now treats auth check failure as auth-required, redirecting to the login page where users get a clear prompt to configure credentials. --- ui/src/contexts/auth-context.tsx | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/ui/src/contexts/auth-context.tsx b/ui/src/contexts/auth-context.tsx index 6be8c976..f43993a2 100644 --- a/ui/src/contexts/auth-context.tsx +++ b/ui/src/contexts/auth-context.tsx @@ -47,9 +47,10 @@ export function AuthProvider({ children }: { children: ReactNode }) { setUsername(res.username); }) .catch(() => { - // If check fails, assume no auth required (backward compat) - setAuthRequired(false); - setIsAuthenticated(true); + // If auth check fails (e.g., 403 from remote access without auth configured), + // treat as auth required so the login page appears instead of a broken dashboard. + setAuthRequired(true); + setIsAuthenticated(false); }) .finally(() => setLoading(false)); }, []);