Summary
When an OCL session token expires (after ~24 hours), the user is not smoothly redirected back to their original destination. Instead they hit a confusing multi-step redirect — the app shows "back to application," then drops them at the home page with no indication of what happened.
Current Behavior
- User is working in TBv3 with an active session
- Token expires (after ~24 hours)
- User attempts any authenticated action
- App surfaces a confusing redirect prompt
- After completing the auth flow, user is dropped at the home page — not returned to where they were
Expected Behavior
- Session expires during active use
- User is prompted to re-authenticate (cleanly, with context — e.g., "Your session has expired. Please log in to continue.")
- After successful login, user is returned to the exact page/URL they were on before expiry
Notes
- The only related prior work is ocl_issues#2219 (
CheckAuth.jsx), which added a loading spinner to suppress the 401 flash during the initial page load auth check. That does not address the mid-session token expiry redirect problem.
- This is a v3 MVP requirement: new users hitting this for the first time will perceive it as broken behavior.
Summary
When an OCL session token expires (after ~24 hours), the user is not smoothly redirected back to their original destination. Instead they hit a confusing multi-step redirect — the app shows "back to application," then drops them at the home page with no indication of what happened.
Current Behavior
Expected Behavior
Notes
CheckAuth.jsx), which added a loading spinner to suppress the 401 flash during the initial page load auth check. That does not address the mid-session token expiry redirect problem.