Cry199 (Owner) commented Sep 21, 2025

This pull request introduces improved handling of invalid or expired JWT tokens in the backend, ensuring that authentication errors are handled gracefully and communicated clearly to both the frontend and the user. It also updates the frontend to better handle authentication failures and changes the API base URL.

Backend: Enhanced JWT Error Handling

  • Added a custom exception InvalidTokenException to represent invalid or expired JWT tokens.
  • Updated TokenService to throw specific InvalidTokenException errors for different JWT validation failures, with clear error messages and logging for each error type. [1] [2] [3]
  • Modified SecurityFilter to catch exceptions during authentication and delegate error handling to the global exception resolver, ensuring consistent error responses. [1] [2]
  • Updated RestExceptionHandler to return a 403 Forbidden response with details when an InvalidTokenException is thrown.

Frontend: Improved Authentication Error Handling & API Endpoint Update

  • Changed the API base URL in axiosConfig.js to a new endpoint.
  • Added a response interceptor to handle 401 and 403 errors by removing the auth token and redirecting the user to the login page, improving the user experience when sessions expire.

@Cry199 Cry199 closed this Sep 21, 2025
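The frontend behaviour described in the pull request, as an added example that is not the PR's own code: a rejection handler for an axios response interceptor that clears the stored token and redirects on 401/403. The storage key, the login path, the use of `localStorage`, and all function names are assumptions, since the page does not show `axiosConfig.js`.

```javascript
// Added example, not the PR's code. TOKEN_KEY, LOGIN_PATH and the function
// names are assumptions; the page does not show axiosConfig.js.
const TOKEN_KEY = 'token';
const LOGIN_PATH = '/login';

// Builds the rejection handler for an axios response interceptor.
// storage and location are injected so the logic runs without a browser.
function makeAuthFailureHandler(storage, location) {
  return function onResponseError(error) {
    // Network failures and timeouts carry no response: keep the session.
    const status = error && error.response ? error.response.status : null;
    if (status === 401 || status === 403) {
      storage.removeItem(TOKEN_KEY); // drop the rejected token
      // Avoid a redirect loop when the failing call came from the login page.
      if (location.pathname !== LOGIN_PATH) {
        location.assign(LOGIN_PATH);
      }
    }
    // Always re-reject so the calling code still sees the failure.
    return Promise.reject(error);
  };
}

// Constructed stand-ins for window.localStorage and window.location.
function makeFakeBrowser(pathname) {
  const items = new Map([[TOKEN_KEY, 'constructed.jwt.value']]);
  const storage = {
    getItem: (k) => (items.has(k) ? items.get(k) : null),
    removeItem: (k) => { items.delete(k); },
  };
  const location = {
    pathname,
    redirects: [],
    assign(path) { this.redirects.push(path); this.pathname = path; },
  };
  return { storage, location };
}

// Runs one constructed error through the handler and reports the outcome.
function simulate(pathname, error) {
  const { storage, location } = makeFakeBrowser(pathname);
  makeAuthFailureHandler(storage, location)(error).catch(() => {});
  return { tokenKept: storage.getItem(TOKEN_KEY) !== null, redirects: location.redirects };
}

// In the browser: api.interceptors.response.use((res) => res,
//   makeAuthFailureHandler(window.localStorage, window.location));
```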