add website tests

apps/website/lib/api/base/BaseApiClient.ts

@@ -19,7 +19,12 @@ export class BaseApiClient {
     this.logger = logger;
   }
 
-  protected async request<T>(method: string, path: string, data?: object | FormData): Promise<T> {
+  protected async request<T>(
+    method: string,
+    path: string,
+    data?: object | FormData,
+    options?: { allowUnauthenticated?: boolean },
+  ): Promise<T> {
     this.logger.info(`${method} ${path}`);
 
     const isFormData = typeof FormData !== 'undefined' && data instanceof FormData;
@@ -43,6 +48,15 @@ export class BaseApiClient {
     const response = await fetch(`${this.baseUrl}${path}`, config);
 
     if (!response.ok) {
+      if (
+        options?.allowUnauthenticated &&
+        (response.status === 401 || response.status === 403)
+      ) {
+        // For "auth probe" endpoints (e.g. session/policy checks), 401/403 is an expected state
+        // in public context and should not be logged as an application error.
+        return null as T;
+      }
+
       let errorData: { message?: string } = { message: response.statusText };
       try {
         errorData = await response.json();