diff --git a/app.py b/app.py
index e6f2a7a..450b156 100644
--- a/app.py
+++ b/app.py
@@ -252,6 +252,9 @@ def inject_has_authorized_cookie():
 
 @app.before_request
 def require_system_password():
+    if request.endpoint is None:
+        return
+    
     if 'authorized' not in request.cookies \
        and request.endpoint != 'system_auth' \
        and not request.endpoint.startswith('login') \
@@ -259,6 +262,8 @@ def require_system_password():
 
         if request.endpoint == 'static_bp.serve_js':
             requested_file = request.view_args.get("filename", "")
+            if requested_file == "toasts.js":
+                return 
             if requested_file.endswith(".js"):
                 return redirect(url_for('system_auth', next=request.url))
             else: