diff --git a/src/node/http.ts b/src/node/http.ts index c616c88377b885755bfb6f896a3ed612528c8738..af81f1876e293d2d5e3a338d92af553d5ab2fc90 100644 --- a/src/node/http.ts +++ b/src/node/http.ts @@ -927,7 +927,29 @@ export class HttpServer { } // Must be authenticated to use the proxy. - route.provider.ensureAuthenticated(request) + if (!route.provider.authenticated(request)) { + // Attempt to determine if it's the user browsing the root and if so fall + // through to allow the login flow. + if (request.headers["content-type"] !== "application/json") { + switch (route.providerBase) { + case "/": + case "/static": + if (request.method === "GET") { + return undefined + } + break + case "/login": + if (request.method === "GET" || request.method === "POST") { + return undefined + } + break + } + } + + // Assume anything else is some kind of request from the proxied + // application and return an unauthorized message. + throw new HttpError("Unauthorized", HttpCode.Unauthorized) + } return { proxy: {