Server side is better. Consider a scenario where user lands on the different page in the app before login. The user should be redirected to login page. It's seamless to check the login session token in the server side, and redirect to serve login page. If such redirection happens on the client side, the experience may not be seamless, as the user notices a flash of the original page, then request goes to login service to validate and then redirection happens.