feat: add WWW-Authenticate header for 401 responses

Co-authored-by: aider (openai/andrew/openrouter/deepseek/deepseek-chat-v3.1) <aider@aider.chat>
2025-08-28 16:18:28 -03:00
parent 9b793fa7ba
commit b8f42ed03f
1 changed files with 8 additions and 1 deletions
--- a/src/modes/server/common.rs
+++ b/src/modes/server/common.rs
@@ -238,7 +238,14 @@ pub fn create_auth_middleware(
            
            if !check_auth(&headers, &password, &password_hash) {
                warn!("Unauthorized request to {} from {}", uri, addr);
-                return Err(StatusCode::UNAUTHORIZED);
+                // Add WWW-Authenticate header to trigger basic auth in browsers
+                let mut response = Response::new(axum::body::Body::from("Unauthorized"));
+                *response.status_mut() = StatusCode::UNAUTHORIZED;
+                response.headers_mut().insert(
+                    "www-authenticate",
+                    "Basic realm=\"Keep Server\", charset=\"UTF-8\"".parse().unwrap(),
+                );
+                return Ok(response);
            }
            
            let response = next.run(request).await;