diff --git a/src/main.ts b/src/main.ts
index 1944466d..145ffe3e 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -104,24 +104,26 @@ const kcToken = getCookie("BMAHRIS_KEYCLOAK_IDENTITY");
 const kcRefreshToken = getCookie("BMAHRIS_KEYCLOAK_REFRESH");
 
 if (kcToken && kcRefreshToken) {
-  keycloak
-    .init({
-      // onLoad: 'login-required',
-      checkLoginIframe: false,
-      token: kcToken,
-      refreshToken: kcRefreshToken,
-    })
-    .then((authenticated) => {
-      console.log("authenticated", authenticated);
-      if (!authenticated) {
-        window.location.reload();
-      } else {
-        console.log("Authenticated");
-      }
-    })
-    .catch((err) => {
-      console.error("Keycloak initialization failed:", err);
-    });
+  keycloak.init({
+    // onLoad: 'login-required',
+    checkLoginIframe: false,
+    token: kcToken,
+    refreshToken: kcRefreshToken,
+  });
+  keycloak.authenticated = true;
+  // .then((authenticated) => {
+  //   console.log("authenticated", authenticated);
+  //   if (!authenticated) {
+  //     window.location.reload();
+  //   } else {
+  //     console.log("Authenticated");
+  //   }
+  // })
+  // .catch((err) => {
+  //   console.error("Keycloak initialization failed:", err);
+  // });
+} else {
+  keycloak.authenticated = false;
 }
 
 app.mount("#app");
diff --git a/src/plugins/http.ts b/src/plugins/http.ts
index 813c81a9..fdce539c 100644
--- a/src/plugins/http.ts
+++ b/src/plugins/http.ts
@@ -33,6 +33,7 @@ http.interceptors.response.use(
       // eslint-disable-next-line no-prototype-builtins
       if (error.hasOwnProperty("response")) {
         if (error.response.status === 401 || error.response.status === 403) {
+          window.location.href = "/login";
           // Store.commit("SET_ERROR_MESSAGE", error.response.data.message);
           // Store.commit("REMOVE_ACCESS_TOKEN")
         }
diff --git a/src/router/index.ts b/src/router/index.ts
index 8c3739a3..33e3839b 100644
--- a/src/router/index.ts
+++ b/src/router/index.ts
@@ -74,7 +74,7 @@ const router = createRouter({
 // authen with keycloak client
 router.beforeEach((to, from, next) => {
   if (to.meta.Auth) {
-    if (keycloak.authenticated === undefined && to.meta.Auth) {
+    if (keycloak.authenticated === false && to.meta.Auth) {
       window.location.href = "/login";
     }
   } else {
diff --git a/src/views/auth.vue b/src/views/auth.vue
new file mode 100644
index 00000000..13301ef0
--- /dev/null
+++ b/src/views/auth.vue
@@ -0,0 +1,30 @@
+<script setup lang="ts">
+import { onMounted } from 'vue'
+import { useRoute } from 'vue-router'
+
+const route = useRoute()
+
+function setCookie(name: string, value: any, days: number) {
+  let expires = ''
+  if (days) {
+    const date = new Date()
+    date.setTime(date.getTime() + days * 24 * 60 * 55 * 1000)
+    expires = '; expires=' + date.toUTCString()
+  }
+  document.cookie = name + '=' + (value || '') + expires + '; path=/'
+}
+
+onMounted(async () => {
+  console.log('query', route.query.token)
+  console.log('accessToken', route.query.accessToken)
+
+  setCookie('BMAHRIS_KEYCLOAK_IDENTITY', route.query.token, 1)
+  setCookie('BMAHRIS_KEYCLOAK_REFRESH', route.query.accessToken, 1)
+
+  window.location.href = '/'
+})
+</script>
+
+<template>
+  <div></div>
+</template>
diff --git a/src/views/login.vue b/src/views/login.vue
index efd5039a..1a6ff093 100644
--- a/src/views/login.vue
+++ b/src/views/login.vue
@@ -1,8 +1,8 @@
 <!-- authen with keycloak client -->
 <script setup lang="ts">
-import { ref } from "vue";
+import { ref, onMounted } from "vue";
 import axios from "axios";
-import { keycloakConfig } from "@/plugins/keycloak";
+import keycloak, { keycloakConfig } from "@/plugins/keycloak";
 import { useRouter } from "vue-router";
 import { useQuasar } from "quasar";
 import { useCounterMixin } from "@/stores/mixin";
@@ -68,6 +68,12 @@ async function onSubmit() {
   //   router.push('/')
   // }
 }
+
+onMounted(() => {
+  if (keycloak.authenticated) {
+    router.push("/");
+  }
+});
 </script>
 
 <template>