From d081c47c7fc1e3ea562d7cb41f73add660ce4bd7 Mon Sep 17 00:00:00 2001
From: oabrivard <olivier@abrivard.fr>
Date: Thu, 2 Apr 2026 23:42:03 +0200
Subject: [PATCH] fix: prevent 401 redirect loop on login and register pages
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The API client redirected to /login on any 401 response, including the
GET /auth/me call made by AuthProvider on the login page itself. This
caused an infinite hard-navigation reload loop.

Skip the redirect when already on /login or /register — the AuthContext
route guards handle unauthenticated routing for those pages.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 frontend/src/api/client.ts    | 5 ++++-
 frontend/src/api/syntheses.ts | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/frontend/src/api/client.ts b/frontend/src/api/client.ts
index fad5ce9..c11096f 100644
--- a/frontend/src/api/client.ts
+++ b/frontend/src/api/client.ts
@@ -56,7 +56,10 @@ class ApiClient {
 
     if (!response.ok) {
       if (response.status === 401) {
-        window.location.href = '/login';
+        const path = window.location.pathname;
+        if (path !== '/login' && path !== '/register') {
+          window.location.href = '/login';
+        }
         throw { status: 401, message: 'Session expired' } satisfies ApiError;
       }
 
diff --git a/frontend/src/api/syntheses.ts b/frontend/src/api/syntheses.ts
index fa5f7c7..5483aef 100644
--- a/frontend/src/api/syntheses.ts
+++ b/frontend/src/api/syntheses.ts
@@ -45,7 +45,10 @@ export async function fetchFile(path: string): Promise<Response> {
 
   if (!response.ok) {
     if (response.status === 401) {
-      window.location.href = '/login';
+      const path = window.location.pathname;
+      if (path !== '/login' && path !== '/register') {
+        window.location.href = '/login';
+      }
     }
     const errorBody = await response.json().catch(() => ({ error: 'Unknown error' }));
     throw {