From 06e01bc7e994763e5c2c9fa4b11e4c0c8839a627 Mon Sep 17 00:00:00 2001
From: oppiliappan <me@oppi.li>
Date: Thu, 25 Sep 2025 15:46:39 +0100
Subject: [PATCH] appview: do not require auth for upgrade banner
Change-Id: kswrwztzmqulruxvtklxnwkozuoytlol

the upgrade banner is left empty if the user's session is expired. this
prevents them from randomly being booted to the login page.

Signed-off-by: oppiliappan <me@oppi.li>
---
 appview/state/router.go | 2 +-
 appview/state/state.go  | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/appview/state/router.go b/appview/state/router.go
index aa57720c..bad1dd25 100644
--- a/appview/state/router.go
+++ b/appview/state/router.go
@@ -116,7 +116,7 @@ func (s *State) StandardRouter(mw *middleware.Middleware) http.Handler {
 
 	r.Get("/", s.HomeOrTimeline)
 	r.Get("/timeline", s.Timeline)
-	r.With(middleware.AuthMiddleware(s.oauth)).Get("/upgradeBanner", s.UpgradeBanner)
+	r.Get("/upgradeBanner", s.UpgradeBanner)
 
 	// special-case handler for serving tangled.org/core
 	r.Get("/core", s.Core())
diff --git a/appview/state/state.go b/appview/state/state.go
index cc023855..ba5fcc58 100644
--- a/appview/state/state.go
+++ b/appview/state/state.go
@@ -249,6 +249,10 @@ func (s *State) Timeline(w http.ResponseWriter, r *http.Request) {
 
 func (s *State) UpgradeBanner(w http.ResponseWriter, r *http.Request) {
 	user := s.oauth.GetUser(r)
+	if user == nil {
+		return
+	}
+
 	l := s.logger.With("handler", "UpgradeBanner")
 	l = l.With("did", user.Did)
 	l = l.With("handle", user.Handle)
-- 
2.43.0