Stop Logging Out Your Best Users in the Name of Security
public
–
9 min read
A "random logout" bug that only hit the heaviest users. The cause: an overloaded service throwing 401s, and a frontend that logged people out on every 401. Here's the fix, the 401/403/5xx decision table, and the questions to run against your own auth code.