feat(auth): bounce to /login.html on 401 so AUTH_ENABLED=true gives a real login #26
1 changed files with 9 additions and 0 deletions
|
|
@ -20,6 +20,15 @@ async function apiFetch(path, opts = {}) {
|
|||
headers: { 'Content-Type': 'application/json', ...(opts.headers || {}) },
|
||||
...opts,
|
||||
});
|
||||
// 401 from any API call means there's no live session. Bounce to the
|
||||
// login screen instead of leaving the app in a half-loaded state.
|
||||
// While AUTH_ENABLED=false the server returns a synthetic /auth/me with
|
||||
// 200 so this branch never fires; flipping AUTH_ENABLED=true is what
|
||||
// activates the redirect end-to-end.
|
||||
if (res.status === 401 && !location.pathname.endsWith('/login.html')) {
|
||||
location.replace('/login.html');
|
||||
throw new Error('Unauthenticated — redirecting to login');
|
||||
}
|
||||
if (!res.ok) throw new Error(res.status + ' ' + res.statusText);
|
||||
return res.json();
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue