From e3207b9c8ecd88fa6c3170d131289b71e25757db Mon Sep 17 00:00:00 2001
From: root <root@island37.com>
Date: Wed, 25 Mar 2026 03:50:49 -0500
Subject: [PATCH] Make /logs strictly admin-only, never accessible in demo mode

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 llm_team_ui.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/llm_team_ui.py b/llm_team_ui.py
index 9bfe5ba..893142e 100644
--- a/llm_team_ui.py
+++ b/llm_team_ui.py
@@ -319,8 +319,9 @@ def demo_set_allowlist():
 
 
 @app.route("/logs")
-@admin_required
 def logs_page():
+    if not is_admin():
+        return redirect("/login")
     try:
         with open("/var/www/html/report.html") as f:
             return f.read()