diff --git a/http/http.go b/http/http.go
index dc743f6..f83768b 100644
--- a/http/http.go
+++ b/http/http.go
@@ -49,7 +49,6 @@ func (h *Handler) Serve() {
 
 	withLogin := router.Group("")
 	withLogin.Use(h.verifyLoginWithRedirect)
-	withLogin.GET("/dashboard", h.dashboard)
 	withLogin.GET("/admin", h.admin)
 	withLogin.GET("/admin/clear-database", h.clearDatabase)
 
@@ -75,6 +74,7 @@ func (h *Handler) Serve() {
 
 	authenticated := api.Group("")
 	authenticated.Use(h.verifyLoginWithRedirect)
+	authenticated.GET("/dashboard", h.dashboard)
 
 	user := authenticated.Group("/user")
 	user.GET("/logout", logout)
diff --git a/http/session.go b/http/session.go
index 646b7a7..7173cbe 100644
--- a/http/session.go
+++ b/http/session.go
@@ -26,6 +26,18 @@ func (h *Handler) verifyLogin(c *gin.Context) (budgeteer.Token, error) {
 	return token, nil
 }
 
+func (h *Handler) verifyLoginWithForbidden(c *gin.Context) {
+	token, err := h.verifyLogin(c)
+	if err != nil {
+		//c.Header("WWW-Authenticate", "Bearer")
+		c.AbortWithStatus(http.StatusForbidden)
+		return
+	}
+
+	c.Set("token", token)
+	c.Next()
+}
+
 func (h *Handler) verifyLoginWithRedirect(c *gin.Context) {
 	token, err := h.verifyLogin(c)
 	if err != nil {
diff --git a/web/src/main.js b/web/src/main.js
index 93bec40..ed4e490 100644
--- a/web/src/main.js
+++ b/web/src/main.js
@@ -12,7 +12,7 @@ const store = createStore({
     },
     mutations: {
         getDashboard (state) {
-            fetch("/dashboard")
+            fetch("/api/v1/dashboard")
                 .then(x => x.json())
                 .then(x => console.log(x))
                 .then(x => state.Budgets = x.Budgets);