diff --git a/app/Http/Controllers/SpaController.php b/app/Http/Controllers/SpaController.php
index a6939513b..f0c26d79d 100644
--- a/app/Http/Controllers/SpaController.php
+++ b/app/Http/Controllers/SpaController.php
@@ -13,14 +13,10 @@ use App\Util\Localization\Localization;
 
 class SpaController extends Controller
 {
-	public function __construct()
-	{
-		$this->middleware('auth');
-	}
-
-    public function index()
+    public function index(Request $req)
     {
     	abort_unless(config('exp.spa'), 404);
+    	if(!$req->user()) { return redirect('/login'); }
     	return view('layouts.spa');
     }
 
@@ -32,7 +28,7 @@ class SpaController extends Controller
 		}
 
 		if(SnowflakeService::byDate(now()->subDays(30)) > $id) {
-			abort(404);
+			return redirect('/login');
 		}
 
 		$post = StatusService::get($id);
@@ -46,7 +42,7 @@ class SpaController extends Controller
 			return redirect($post['url']);
 		}
 
-		abort(404);
+    	return redirect('/login');
 	}
 
 	public function webProfile(Request $request, $id)
@@ -60,17 +56,19 @@ class SpaController extends Controller
 			return view('layouts.spa');
 		}
 
-		$account = AccountService::get($id);
+		// $account = AccountService::get($id);
 
-		if($account && isset($account['url'])) {
-			return redirect($account['url']);
-		}
+		// if($account && isset($account['url'])) {
+		// 	return redirect($account['url']);
+		// }
 
-		return redirect('404');
+		return redirect('/login');
 	}
 
 	public function updateLanguage(Request $request)
 	{
+		abort_unless(config('exp.spa'), 404);
+		abort_unless($req->user(), 404);
 		$this->validate($request, [
 			'v' => 'required|in:0.1,0.2',
 			'l' => 'required|alpha_dash|max:5'
@@ -90,6 +88,7 @@ class SpaController extends Controller
 
 	public function getPrivacy()
 	{
+		abort_unless($req->user(), 404);
 		$body = $this->markdownToHtml('views/page/privacy.md');
 		return [
 			'body' => $body
@@ -98,6 +97,7 @@ class SpaController extends Controller
 
 	public function getTerms()
 	{
+		abort_unless($req->user(), 404);
 		$body = $this->markdownToHtml('views/page/terms.md');
 		return [
 			'body' => $body
@@ -119,6 +119,7 @@ class SpaController extends Controller
 
 	public function usernameRedirect(Request $request, $username)
 	{
+		abort_unless($req->user(), 404);
 		$id = AccountService::usernameToId($username);
 		if(!$id) {
 			return redirect('/i/web/404');