The former approach was used in the early web because pages were immutable back then, and it felt natural to have a separate page URL just because it had a form and not the other content.
To set up such redirects, you make pages without the authentication check and extract that check to some kind...