fix(auth): redirect to login when session expires

When the refresh token fails (session expired), the ApiClient now
notifies the AuthProvider via a callback. This triggers a logout
and React state update, causing ProtectedRoute to redirect to /login.

Closes #7

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

0 files changed, 0 insertions, 0 deletions