Allow unauthenticated access

[kassett]

Title

Allow unauthenticated dashboard access when ALLOW_ANONYMOUS_ACCESS=true

Description

It would be great to support unauthenticated access to the dashboard UI when the ALLOW_ANONYMOUS_ACCESS environment variable is set to true.

This is a common pattern for self-hosted tools like Grafana, Elasticsearch Dashboards, and others, where users can opt in to anonymous viewing mode by explicitly setting an env var. This helps reduce friction in local or low-risk deployments, especially for internal use or quick evaluations.

Importantly, I don't think this pattern needs to extend to API (programmatic) access. Unauthenticated access should be limited to the web dashboard only — programmatic access should continue to require authentication.

Proposed behavior

• If ALLOW_ANONYMOUS_ACCESS=true, users visiting the dashboard in a browser are not required to log in.
• API routes continue to enforce authentication regardless of this setting.

Let me know if you'd like help with a PR.

[acco]

This is an interesting request @kassett. We have considered what a login-less experience might look like.

What's the main use case here? Is it sharing the console with other members of your team?

[kassett]

2 uses cases:

• Sequin is used in our dev docker-compose, so logging in constantly when you run docker-compose up is a little annoying.
• Sequin dashboard and other similar dev tools (Elastic, Grafana, etc) are all on our VPN, so log in really isn't necessary.