Fix delete JSON error: API routes return 401 JSON instead of HTML redirect, robust fetch error handling

app.py

@@ -438,6 +438,9 @@ def login_required(f):
     @wraps(f)
     def decorated_function(*args, **kwargs):
         if not session.get('authenticated'):
+            # API-Routen (/api/...) geben JSON zurück statt HTML-Redirect
+            if request.path.startswith('/api/'):
+                return jsonify({'success': False, 'error': 'not_authenticated'}), 401
             return redirect(url_for('login'))
         return f(*args, **kwargs)
     return decorated_function

templates/emails.html

@@ -238,8 +238,16 @@ document.addEventListener('click', function(e) {
   const id = btn.dataset.id;
   if (!confirm('Eintrag #' + id + ' aus dem Log löschen?')) return;
   fetch('/api/sent-emails/' + id + '/delete', {method: 'POST', credentials: 'same-origin'})
-    .then(r => { if (!r.ok) throw new Error('HTTP ' + r.status); return r.json(); })
+    .then(r => {
+      if (r.redirected || r.status === 302 || r.status === 401) {
+        window.location.reload(); return null;
+      }
+      const ct = r.headers.get('content-type') || '';
+      if (!ct.includes('application/json')) throw new Error('Unerwartete Antwort (HTTP ' + r.status + ')');
+      return r.json();
+    })
     .then(d => {
+      if (!d) return;
       if (d.success) {
         const row = document.getElementById('sent-row-' + id);
         if (row) row.remove();