diff --git a/src/Tgstation.Server.Host/Controllers/ApiController.cs b/src/Tgstation.Server.Host/Controllers/ApiController.cs
index 399b28a5b0..deeaa55dc3 100644
--- a/src/Tgstation.Server.Host/Controllers/ApiController.cs
+++ b/src/Tgstation.Server.Host/Controllers/ApiController.cs
@@ -1,4 +1,4 @@
-using System;
+using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
@@ -191,6 +191,12 @@ namespace Tgstation.Server.Host.Controllers
/// A with an appropriate .
protected new NotFoundObjectResult NotFound() => NotFound(new ErrorMessageResponse(ErrorCode.ResourceNeverPresent));
+ ///
+ /// Generic 401 response.
+ ///
+ /// An with .
+ protected new ObjectResult Unauthorized() => this.StatusCode(HttpStatusCode.Unauthorized, null);
+
///
/// Generic 501 response.
///
diff --git a/src/Tgstation.Server.Host/Controllers/HomeController.cs b/src/Tgstation.Server.Host/Controllers/HomeController.cs
index afa526ad92..6b1c2ebdf8 100644
--- a/src/Tgstation.Server.Host/Controllers/HomeController.cs
+++ b/src/Tgstation.Server.Host/Controllers/HomeController.cs
@@ -1,4 +1,4 @@
-using System;
+using System;
using System.Linq;
using System.Net;
using System.Threading;
@@ -164,6 +164,8 @@ namespace Tgstation.Server.Host.Controllers
HeaderNames.Vary,
new StringValues(ApiHeaders.ApiVersionHeader));
+ // if they tried to authenticate in any form and failed, let them know immediately
+ bool failIfUnauthed;
if (ApiHeaders == null)
{
if (controlPanelConfiguration.Enable && !Request.Headers.TryGetValue(ApiHeaders.ApiVersionHeader, out _))
@@ -190,7 +192,14 @@ namespace Tgstation.Server.Host.Controllers
{
return HeadersIssue(ex);
}
+
+ failIfUnauthed = Request.Headers.Authorization.Any();
}
+ else
+ failIfUnauthed = ApiHeaders.Token != null;
+
+ if (failIfUnauthed && !AuthenticationContext.Valid)
+ return Unauthorized();
return Json(new ServerInformationResponse
{
diff --git a/tests/Tgstation.Server.Tests/Live/RawRequestTests.cs b/tests/Tgstation.Server.Tests/Live/RawRequestTests.cs
index dae4ff1a34..7dc5d243f7 100644
--- a/tests/Tgstation.Server.Tests/Live/RawRequestTests.cs
+++ b/tests/Tgstation.Server.Tests/Live/RawRequestTests.cs
@@ -210,6 +210,7 @@ namespace Tgstation.Server.Tests.Live
var badClient = clientFactory.CreateFromToken(serverClient.Url, newToken);
await ApiAssert.ThrowsException(() => badClient.Administration.Read(cancellationToken));
+ await ApiAssert.ThrowsException(() => badClient.ServerInformation(cancellationToken));
}
static async Task TestOAuthFails(IServerClient serverClient, CancellationToken cancellationToken)