@@ -18,10 +18,13 @@ async function req<T>(path: string, options: RequestInit = {}): Promise<T> {
|
||||
const res = await fetch(`${BASE}${path}`, { ...options, headers });
|
||||
|
||||
if (res.status === 401) {
|
||||
// Token expired — clear storage and reload to login
|
||||
const hadToken = Boolean(localStorage.getItem(TOKEN_KEY));
|
||||
localStorage.removeItem(TOKEN_KEY);
|
||||
localStorage.removeItem('codedump_user');
|
||||
window.location.href = '/login';
|
||||
// Only force-redirect if the user had an active session that expired.
|
||||
// Without this guard, unauthenticated requests (e.g. settings fetch on
|
||||
// the login page) trigger a redirect loop: 401 → /login → fetch → 401 → ...
|
||||
if (hadToken) window.location.href = '/login';
|
||||
throw new Error('Session expired');
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user