You are doing something wrong if you are allowing user to call api without being logged in in the first place. There is no reason to logout user if response is 401. Code 401 means the user is not authorized to view the page which means that the api did not return any critical information. If anything you should prompt the user to login and not sign out them...

the user must sign in to access the app, but the token expires in 8 hours, so i want to sign user out and redirect to login

user is automatically signed out if the auth cookie expires. so you can just make a check if the user exists (depending on what auth provider you are using) and show the login page accordingly

i have this "global fetch", all request pass throug this, what should i do to signout the user and redirect to /auth/signin?

this is not working

you're using an hook in a server function... remove router and do Response.redirect to /auth/login