Handle unauthorized

DiunaBI.UI.Shared/Components/Auth/LoginCard.razor

@@ -37,15 +37,36 @@
                 @_errorMessage
             </MudAlert>
         }
+
+        @if (_sessionExpired)
+        {
+            <MudAlert Severity="Severity.Warning" Class="mt-4" Dense="true">
+                Your session has expired. Please sign in again.
+            </MudAlert>
+        }
     </MudCardContent>
 </MudCard>
 
 @code {
     private bool _isLoading = false;
     private string _errorMessage = string.Empty;
+    private bool _sessionExpired = false;
     private static LoginCard? _instance;
     private bool _isInitialized = false;
 
+    protected override void OnInitialized()
+    {
+        // Check if sessionExpired query parameter is present
+        var uri = new Uri(NavigationManager.Uri);
+        var query = System.Web.HttpUtility.ParseQueryString(uri.Query);
+        _sessionExpired = query["sessionExpired"] == "true";
+
+        if (_sessionExpired)
+        {
+            Console.WriteLine("⚠️ Session expired - user redirected to login");
+        }
+    }
+
     protected override async Task OnAfterRenderAsync(bool firstRender)
     {
         if (firstRender)

DiunaBI.UI.Shared/Extensions/ServiceCollectionExtensions.cs

@@ -17,14 +17,16 @@ public static class ServiceCollectionExtensions
         Console.WriteLine($"🔧 Configuring HttpClient with BaseAddress: {baseUri}");
 
         services.AddTransient<HttpLoggingHandler>();
+        services.AddTransient<UnauthorizedResponseHandler>();
 
-        // Configure named HttpClient with logging handler
+        // Configure named HttpClient with logging and 401 handling
         // Note: Authentication is handled by AuthService setting DefaultRequestHeaders.Authorization
         services.AddHttpClient("DiunaBI", client =>
         {
             client.BaseAddress = new Uri(baseUri);
             Console.WriteLine($"✅ HttpClient BaseAddress set to: {client.BaseAddress}");
         })
+        .AddHttpMessageHandler<UnauthorizedResponseHandler>()
         .AddHttpMessageHandler<HttpLoggingHandler>();
 
         // Register a scoped HttpClient factory that services will use

DiunaBI.UI.Shared/Handlers/UnauthorizedResponseHandler.cs

@@ -0,0 +1,41 @@
+using Microsoft.AspNetCore.Components;
+using Microsoft.Extensions.DependencyInjection;
+using DiunaBI.UI.Shared.Services;
+
+namespace DiunaBI.UI.Shared.Handlers;
+
+public class UnauthorizedResponseHandler : DelegatingHandler
+{
+    private readonly IServiceProvider _serviceProvider;
+
+    public UnauthorizedResponseHandler(IServiceProvider serviceProvider)
+    {
+        _serviceProvider = serviceProvider;
+    }
+
+    protected override async Task<HttpResponseMessage> SendAsync(
+        HttpRequestMessage request,
+        CancellationToken cancellationToken)
+    {
+        var response = await base.SendAsync(request, cancellationToken);
+
+        // Check if response is 401 Unauthorized
+        if (response.StatusCode == System.Net.HttpStatusCode.Unauthorized)
+        {
+            Console.WriteLine("⚠️ 401 Unauthorized response detected - clearing credentials and redirecting to login");
+
+            // Create a scope to get scoped services
+            using var scope = _serviceProvider.CreateScope();
+            var authService = scope.ServiceProvider.GetRequiredService<AuthService>();
+            var navigationManager = scope.ServiceProvider.GetRequiredService<NavigationManager>();
+
+            // Clear authentication
+            await authService.ClearAuthenticationAsync();
+
+            // Navigate to login page with session expired message
+            navigationManager.NavigateTo("/login?sessionExpired=true", forceLoad: true);
+        }
+
+        return response;
+    }
+}