AntiPattern
Auth Redirects Swallowed
auth-redirect-control-suppression
Server-side auth flows swallow or mishandle control-transfer signals (redirect/401/logout re-dispatch), so successful credentials still route to the login page or never complete (e.g., redirects blocked inside try/catch, retries resend requests).