Fix authentication flow for invalid tokens

- Improve token validation to catch 'null'/'undefined' strings
- Redirect to authorization for invalid tokens before voting
- Reset vote overlay state on errors to prevent UI freeze
- Add token validation in vote API endpoint

src/routes/Vote.svelte

@@ -120,7 +120,7 @@
         voteOverlayB.classList.add("show");
 
         const token = localStorage.getItem("access_token");
-        if (!token) {
+        if (!token || token === "null" || token === "undefined") {
             window.location.href = "/api/authorize";
             return;
         }
@@ -164,11 +164,17 @@
                     window.location.href = "/api/authorize";
                 } else {
                     errorMessage = "Failed to process vote.";
+                    voteOverlayA.classList.remove("show");
+                    voteOverlayB.classList.remove("show");
+                    voteOverlay = false;
                 }
             }
         } catch (error) {
             errorMessage = "Failed to process vote.";
             statusMessage = "";
+            voteOverlayA.classList.remove("show");
+            voteOverlayB.classList.remove("show");
+            voteOverlay = false;
         }
     }
 

src/routes/api/vote/+server.ts

@@ -8,6 +8,9 @@ export const POST: RequestHandler = async ({ request }) => {
     }
 
     const accessToken = authHeader.substring("Bearer ".length);
+    if (!accessToken || accessToken === "null" || accessToken === "undefined") {
+        return new Response(JSON.stringify({ error: "Unauthorized" }), { status: 401 });
+    }
 
     const payload = await request.json();
     payload.access_token = accessToken;