Not sure what are you guys doing here, but here's how to protect your nodejs pages: Applying Security to your NodeJS pages
no need of unauthorized events and redirects on your pages. The redirect paths are defined in your security server action, included on the page.
Note that in Wappler 4 you define your security provider under globals, not in your server action as a separate step!