diff --git a/peach-web/src/main.rs b/peach-web/src/main.rs
index d5d4555..80966e2 100644
--- a/peach-web/src/main.rs
+++ b/peach-web/src/main.rs
@@ -79,11 +79,16 @@ fn main() {
         // assign a unique id to each client (appends a cookie to the response
         // with a name of "SID" and a duration of one hour (3600 seconds)
         rouille::session::session(request, "SID", 3600, |session| {
+            // if the "DISABLE_AUTH" env var is true, authenticate the session
+            let mut session_data = if CONFIG.disable_auth {
+                Some(SessionData {
+                    _login: "success".to_string(),
+                })
             // if the client already has an identifier from a previous request,
             // try to load the existing session data. if successful, make a
             // copy of the data in order to avoid locking the session for too
             // long
-            let mut session_data = if session.client_has_sid() {
+            } else if session.client_has_sid() {
                 sessions_storage.lock().unwrap().get(session.id()).cloned()
             } else {
                 None