diff --git a/static/shared/js/api-client.js b/static/shared/js/api-client.js index 5ff71ac6..ec412246 100644 --- a/static/shared/js/api-client.js +++ b/static/shared/js/api-client.js @@ -155,7 +155,15 @@ class APIClient { apiLog.debug('Error details:', data); apiLog.info('Clearing authentication tokens'); this.clearTokens(); - this.redirectIfCustomerAreaUnauthorized(); + if (this.redirectIfCustomerAreaUnauthorized()) { + // Page is navigating away to /account/login. Return a + // never-resolving promise so the caller's await never + // returns and any `.finally(() => loading = false)` + // never fires — prevents a wrong-state UI flash + // between the redirect being scheduled and the browser + // actually navigating away. + return new Promise(() => {}); + } const errorMessage = data.message || data.detail || 'Unauthorized - please login again'; apiLog.error('Throwing authentication error:', errorMessage); @@ -304,7 +312,9 @@ class APIClient { if (response.status === 401) { apiLog.warn('401 Unauthorized - Authentication failed'); this.clearTokens(); - this.redirectIfCustomerAreaUnauthorized(); + if (this.redirectIfCustomerAreaUnauthorized()) { + return new Promise(() => {}); + } throw new Error(data.message || data.detail || 'Unauthorized'); } @@ -345,7 +355,9 @@ class APIClient { if (response.status === 401) { apiLog.warn('401 Unauthorized - Authentication failed'); this.clearTokens(); - this.redirectIfCustomerAreaUnauthorized(); + if (this.redirectIfCustomerAreaUnauthorized()) { + return new Promise(() => {}); + } throw new Error('Unauthorized'); }