diff --git a/openai/src/serve/route/ui/extract.rs b/openai/src/serve/route/ui/extract.rs
index 5eaf066da..40433e626 100644
--- a/openai/src/serve/route/ui/extract.rs
+++ b/openai/src/serve/route/ui/extract.rs
@@ -6,6 +6,7 @@ use axum_extra::extract::CookieJar;
 use base64::Engine;
 use serde::{Deserialize, Serialize};
 
+use crate::error;
 use crate::token::TokenProfile;
 use crate::{
     auth::API_AUTH_SESSION_COOKIE_KEY,
@@ -13,6 +14,8 @@ use crate::{
     token::model::Token,
 };
 
+use super::LOGOUT_INDEX;
+
 #[derive(Serialize, Deserialize)]
 pub(super) struct Session {
     pub access_token: String,
@@ -107,14 +110,12 @@ where
 
 fn extract_session(cookie_value: &str) -> Result<Session, ResponseError> {
     Session::from_str(cookie_value)
-        .map_err(|_| ResponseError::Unauthorized(anyhow::anyhow!("invalid session")))
-        .and_then(|session| match check_token(&session.access_token) {
+        .map_err(|_| ResponseError::TempporaryRedirect(LOGIN_INDEX))
+        .and_then(|session| match crate::token::check(&session.access_token) {
             Ok(_) => Ok(session),
-            Err(err) => Err(err),
+            Err(err) => {
+                error!("Session token is invalid: {}", err);
+                Err(ResponseError::TempporaryRedirect(LOGOUT_INDEX))
+            }
         })
 }
-
-fn check_token(token: &str) -> Result<(), ResponseError> {
-    let _ = crate::token::check(token).map_err(ResponseError::Unauthorized)?;
-    Ok(())
-}
diff --git a/openai/src/serve/route/ui/mod.rs b/openai/src/serve/route/ui/mod.rs
index 2f4a3c7cc..1273e4449 100644
--- a/openai/src/serve/route/ui/mod.rs
+++ b/openai/src/serve/route/ui/mod.rs
@@ -56,6 +56,7 @@ use super::get_static_resource;
 
 const DEFAULT_INDEX: &str = "/";
 const LOGIN_INDEX: &str = "/auth/login";
+const LOGOUT_INDEX: &str = "/auth/logout";
 const SESSION_ID: &str = "ninja_session";
 const PUID_ID: &str = "_puid";
 const BUILD_ID: &str = "eFlZtDCQUjuHAccnRY3au";