Fix stale DB connections, add Why Bourbonacci section, harden auth

- Add pool_pre_ping and pool_recycle to prevent lost connection errors on idle pool - Add Why Bourbonacci card to about page - Redirect to login on 401 in API layer - Check JWT expiry in isLoggedIn instead of just token presence Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-09 21:37:04 -07:00
parent a9de081a8a
commit 866c2e0bed
4 changed files with 26 additions and 2 deletions
@@ -26,7 +26,11 @@ const Auth = (() => {
    window.location.href = '/login.html';
  }

-  function isLoggedIn() { return !!getToken(); }
+  function isLoggedIn() {
+    const payload = _decodePayload();
+    if (!payload) return false;
+    return payload.exp * 1000 > Date.now();
+  }

  function requireAuth() {
    if (!isLoggedIn()) {