fix(dashboard): handle stale sessions and prevent form GET submission

This commit updates the frontend API client to intercept authentication errors (like a stale session after a server restart) and immediately clear the local storage and show the login screen. It also adds an onsubmit handler to the login form in index.html to prevent the browser from defaulting to a GET request that puts credentials in the URL if JavaScript fails to initialize or encounters an error.

static/index.html

@@ -22,7 +22,7 @@
                 <h1>LLM Proxy Gateway</h1>
                 <p class="login-subtitle">Admin Dashboard</p>
             </div>
-            <form id="login-form" class="login-form">
+            <form id="login-form" class="login-form" onsubmit="event.preventDefault();">
                 <div class="form-group">
                     <input type="text" id="username" name="username" placeholder=" " required>
                     <label for="username">

static/js/api.js

@@ -32,6 +32,17 @@ class ApiClient {
         }
 
         if (!response.ok || !result.success) {
+            // Handle authentication errors (session expired, server restarted, etc.)
+            if (response.status === 401 || 
+                result.error === 'Session expired or invalid' || 
+                result.error === 'Not authenticated' ||
+                result.error === 'Admin access required') {
+                
+                if (window.authManager) {
+                    // Try to logout to clear local state and show login screen
+                    window.authManager.logout();
+                }
+            }
             throw new Error(result.error || `HTTP error! status: ${response.status}`);
         }