diff --git a/src/server/middleware/auth.ts b/src/server/middleware/auth.ts
index 82025fe..1db1271 100644
--- a/src/server/middleware/auth.ts
+++ b/src/server/middleware/auth.ts
@@ -4,7 +4,8 @@ const AUTH_USERNAME = process.env.SERVER_USERNAME || 'admin';
 const AUTH_PASSWORD = process.env.SERVER_PASSWORD || 'aidio2024';
 
 export function basicAuth(req: Request, res: Response, next: NextFunction): void {
-  if (req.path === '/api/auth/login' || req.path === '/api/auth/check') {
+  // Allow login/check endpoints and all non-API routes (static files, HTML)
+  if (req.path === '/api/auth/login' || req.path === '/api/auth/check' || !req.path.startsWith('/api/')) {
     next();
     return;
   }