fix redirect

auth.py

@@ -57,15 +57,9 @@ async def oauth_redirect_callback(request: Request):
 
 
 async def check_oauth(request: Request, call_next):
-    if request.url.path in (
-        "/",
-        "/auth/huggingface",
-        "/auth/callback",
-    ):  # not protected
-        return await call_next(request)
-    if request.session.get("user"):  # authenticated
-        return await call_next(request)
-    return RedirectResponse("/")
+    if request.url.path.startswith("/gradio") and not request.session.get("user"):  # protected route but not authenticated
+        return RedirectResponse("/")
+    return await call_next(request)
 
 
 def get_app() -> FastAPI: