One workaround is to set your SPA Controller as the default controller. Something along these lines:
System.Web.Routing.RouteTable.Routes.MapRoute(
name: "SPA",
url: "{controller}/{action}/{id}",
defaults: new
{
controller = "SPA",
action = "Index",
id = UrlParameter.Optional
}
);
Make sure it is the first MVC route that gets mapped.
Then... In your web.config, you can set the loginUrl to the Landing Controller.
<authentication mode="Forms">
<forms loginUrl="~/Home/Index" timeout="2880" />
</authentication>
Then.. Decorate your SPA Controller with the Authorize attribute. All unauthenticated requests to the SPA Controller will be redirected to the loginUrl, which points to your Landing Controller