fix: skip 401 redirect for auth endpoints to prevent login interference

The API client's 401 handler was intercepting responses from /auth/* endpoints (login, register, me), throwing "Session expired" before the actual response could reach the caller. This prevented the login form from working — the AuthProvider's me() call returned 401, threw, and the error propagated into the login flow. Now the 401 redirect only triggers for non-auth API calls (where it genuinely indicates an expired session). Auth endpoints handle their own error responses normally. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2 months ago · f8588a57a3
parent d081c47c7f
commit f8588a57a3
2 changed files with 3 additions and 9 deletions
--- a/frontend/src/api/client.ts
+++ b/frontend/src/api/client.ts
@ -55,11 +55,8 @@ class ApiClient {
    });

    if (!response.ok) {
-      if (response.status === 401) {
-        const path = window.location.pathname;
-        if (path !== '/login' && path !== '/register') {
-          window.location.href = '/login';
-        }
+      if (response.status === 401 && !url.includes('/auth/')) {
+        window.location.href = '/login';
        throw { status: 401, message: 'Session expired' } satisfies ApiError;
      }

--- a/frontend/src/api/syntheses.ts
+++ b/frontend/src/api/syntheses.ts
@ -45,10 +45,7 @@ export async function fetchFile(path: string): Promise<Response> {

  if (!response.ok) {
    if (response.status === 401) {
-      const path = window.location.pathname;
-      if (path !== '/login' && path !== '/register') {
-        window.location.href = '/login';
-      }
+      window.location.href = '/login';
    }
    const errorBody = await response.json().catch(() => ({ error: 'Unknown error' }));
    throw {