BUG: Silent 401 handling does not redirect user to login #285
Description
Is there an existing issue for this?
- I have searched the existing issues
What happened?
📌 Issue Overview
When an API request returns a 401 Unauthorized response, the frontend only logs an error in the console and does not provide any visible feedback or redirect to the login page.
🔍 Current Behavior
- Axios interceptor catches 401
- Console logs "Unauthorized request"
- User remains on the same page
- UI appears broken (data not loading, buttons failing)
- No redirection or session reset occurs
✅ Expected Behavior
- On a definitive 401 response:
- Clear authentication/session state
- Redirect user to
/login - OR display a clear “Session expired” message
🧪 Steps to Reproduce
- Login normally
- Expire the token manually or clear auth storage
- Trigger any protected API call (dashboard, analytics, etc.)
- Observe that console logs error but no redirect or UI feedback occurs
🎯 Impact
This affects production readiness and user experience.
When sessions expire:
- Users experience broken UI behavior
- No guidance is provided
- App appears unstable
💡 Suggested Direction
In the Axios response interceptor:
- Trigger a global logout (Supabase signOut or equivalent)
- Redirect to
/login - Optionally show a “Session expired” notification
Record
- I agree to follow this project's Code of Conduct
- I want to work on this issue