fix: prevent auth logout by sending refresh request without expired access token header

js/services/notifications.js

@@ -33,6 +33,11 @@ class NotificationsService {
     async refresh() {
         if (!this.userHash) return
 
+        if (!auth.isLoggedIn()) {
+            this.destroy()
+            return
+        }
+
         try {
             const [count, notifications] = await Promise.all([
                 directus.getUnreadCount(this.userHash),
@@ -42,7 +47,9 @@ class NotificationsService {
             this.notifications = notifications
             this.notify()
         } catch (e) {
-            console.error('Failed to fetch notifications:', e)
+            if (e.status === 401 || e.status === 403) {
+                this.stopPolling()
+            }
         }
     }