Hacker News new | past | comments | ask | show | jobs | submit login

I have a production API where sending 401 immediately kills your session and you’re logged out. And 403 doesn’t. We have this as a result of race conditions where the front end incorrectly thinks it still has a valid session. But the back end knows better



I like the 401->autokick back to homepage pattern.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: