#ZegnatBut there would be a middleware up the chain that actually checks whether the current browser is logged in or not. And the way that middleware functions (it might highjack and send the user to a login form of some kind) is out-of-scope for the IndieAuth server