Token login page should redirect to root if token auth is not configured

[tlmii]

If for some reason a user tries to access the /login page when token auth is not configured (either because of mismatch between IDE/workload/Apphost packageref or just because they enter it manually) the page will display but nothing they do will work.

We should consider redirecting to / from the login page if auth is not configured for token auth.

[kvenkatrajan]

@tlmii - is this something you can still take up or should we reassign?

[tlmii]

@kvenkatrajan unassigned myself per our offline discussion so we can get it assigned to someone else.

[kvenkatrajan]

@adamint assigning it over to you and moved it over to 8.2.

[eerhardt]

Note that this is in the "Medium" priority bucket on the Aspire project. This looks like it is just the usability of when devs haven't logged in, and not a security vulnerability. Is that correct?

[adamint]

Note that this is in the "Medium" priority bucket on the Aspire project. This looks like it is just the usability of when devs haven't logged in, and not a security vulnerability. Is that correct?

That’s correct.