From 99304a6174a4e43b0df36924d0a82334f13be153 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Simon=20K=C3=BChn?= <simon@kuehn.de>
Date: Thu, 7 May 2026 20:03:21 +0200
Subject: [PATCH] Fix session-expiry redirect not showing login form

When Symfony returns a non-JSON body (empty or HTML) for a 401 on
protected API routes, res.json() throws a SyntaxError with no .status,
so showLogin() was never called. Now the HTTP status is preserved
through JSON parse failures so the 401 check works correctly.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 public/app.js | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/public/app.js b/public/app.js
index 01047be..46d969b 100644
--- a/public/app.js
+++ b/public/app.js
@@ -264,6 +264,9 @@ function api(method, path, body){
     return res.json().then(function(data){
       if(!res.ok){ var e=new Error(data.error||'Fehler'); e.status=res.status; throw e; }
       return data;
+    }).catch(function(e){
+      if(e.status){ throw e; }
+      var ne=new Error('Fehler'); ne.status=res.status; throw ne;
     });
   }).catch(function(e){
     if(e.status===401 && path!=='login'){ showLogin(); }