diff --git a/backend/package.json b/backend/package.json
index 5e61bb4..f963037 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -4,6 +4,7 @@
   "description": "",
   "main": "index.js",
   "scripts": {
+    "predev": "node -e \"process.env.DATABASE_URL=process.env.DATABASE_URL||'file:./prisma/dev.db'; require('child_process').execSync('npx prisma migrate deploy', { stdio: 'inherit' });\"",
     "dev": "nodemon src/index.ts",
     "test": "vitest run",
     "test:watch": "vitest",
diff --git a/frontend/src/context/AuthContext.tsx b/frontend/src/context/AuthContext.tsx
index c32cb03..0b973ad 100644
--- a/frontend/src/context/AuthContext.tsx
+++ b/frontend/src/context/AuthContext.tsx
@@ -60,8 +60,12 @@ export const AuthProvider: React.FC<{ children: ReactNode }> = ({ children }) =>
             return;
           }
         } catch {
-          // If status fails, assume auth is enabled (safer default).
-          setAuthEnabled(true);
+          // If status fails (backend down / schema mismatch), avoid locking the UI
+          // behind login. Backend still enforces auth when enabled.
+          setAuthEnabled(false);
+          setBootstrapRequired(false);
+          setUser(null);
+          return;
         }
 
         const storedUser = localStorage.getItem(USER_KEY);