useAuth only checked /auth/me on mount, so a session that expired later left the app half-alive: mutations failed with raw 401 toasts and no way back to login. api.ts now dispatches 'auth:expired' on any 401 outside /auth/* (under /auth/* a 401 means wrong credential input — e.g. change-password — and must not log the user out); AuthProvider listens and clears the user, so the existing RequireAuth redirect kicks in preserving state.from. Test: client/api.sessionExpiry.test.ts (both directions). (QA follow-up 1e, error-handling audit) Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| useAuth.tsx | ||
| useAutoSave.test.ts | ||
| useAutoSave.ts | ||
| usePaymentActions.ts | ||
| useQueries.ts | ||
| useSearchPanelPreference.ts | ||