From 0dea2bbc6f4ed06ade14ba3151859d2a673cdb62 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Victor=20Mu=C5=A1tar?= <victor.mustar@gmail.com>
Date: Fri, 7 Nov 2025 11:32:16 +0100
Subject: [PATCH] fix: update OAuth redirect logic to include model thumbnail
 pages

---
 src/hooks.server.ts | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/hooks.server.ts b/src/hooks.server.ts
index 74b5b7a771d..17241b36174 100644
--- a/src/hooks.server.ts
+++ b/src/hooks.server.ts
@@ -154,7 +154,7 @@ export const handle: Handle = async ({ event, resolve }) => {
 				});
 			}
 		} else {
-			// Redirect to OAuth flow unless on the authorized pages (home, shared conversation, login, healthcheck)
+			// Redirect to OAuth flow unless on the authorized pages (home, shared conversation, login, healthcheck, model thumbnails)
 			if (
 				event.url.pathname !== `${base}/` &&
 				event.url.pathname !== `${base}` &&
@@ -163,6 +163,10 @@ export const handle: Handle = async ({ event, resolve }) => {
 				!event.url.pathname.startsWith(`${base}/healthcheck`) &&
 				!event.url.pathname.startsWith(`${base}/r/`) &&
 				!event.url.pathname.startsWith(`${base}/conversation/`) &&
+				!(
+					event.url.pathname.startsWith(`${base}/models/`) &&
+					event.url.pathname.endsWith("/thumbnail.png")
+				) &&
 				!event.url.pathname.startsWith(`${base}/api`)
 			) {
 				refreshSessionCookie(event.cookies, auth.secretSessionId);