diff --git a/backend/internal/routes/album.go b/backend/internal/routes/album.go
index f560f4b..d3a58d8 100644
--- a/backend/internal/routes/album.go
+++ b/backend/internal/routes/album.go
@@ -11,10 +11,6 @@ func RegisterAlbumRoutes(rg *gin.RouterGroup) {
 	album := rg.Group("/albums")
 	album.POST("/getAlbumsInParent", func(c *gin.Context) {
 		accessToken := c.GetHeader("Authorization")
-		if accessToken == "" {
-			c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
-			return
-		}
 		var request struct {
 			ParentID string `json:"parentId"`
 		}
diff --git a/backend/internal/services/album.go b/backend/internal/services/album.go
index fca1c47..d47aad5 100644
--- a/backend/internal/services/album.go
+++ b/backend/internal/services/album.go
@@ -14,17 +14,22 @@ import (
 func GetAlbumsInParent(parentID string, authToken string) ([]models.Album, error) {
 	userID, err := ValidateAccessToken(authToken)
 	if err != nil {
-		return []models.Album{}, err
+		if err != gorm.ErrRecordNotFound { //if record not found, assume user is guest
+			return []models.Album{}, err
+		}
 	}
 	accessLevel, err := CheckUserAlbumAccess(userID, parentID)
 	if err != nil {
-		return []models.Album{}, err
+		if err != gorm.ErrRecordNotFound { //if record not found, assume user is guest
+			return []models.Album{}, err
+		}
+		accessLevel = 1
 	}
-	if accessLevel < 1 {
+	if accessLevel < 0 {
 		return []models.Album{}, fmt.Errorf("user does not have permission to view albums in this parent")
 	}
 	albums := []models.Album{}
-	result := db.GetDB().Where("private = ?", false).Where("parent_id = ?", parentID).Find(&albums)
+	result := db.GetDB().Where("parent_id = ?", parentID).Find(&albums)
 	if result.Error != nil {
 		return []models.Album{}, result.Error
 	}
diff --git a/frontend/src/gallery/components/AlbumList.jsx b/frontend/src/gallery/components/AlbumList.jsx
index a636c17..c8a9872 100644
--- a/frontend/src/gallery/components/AlbumList.jsx
+++ b/frontend/src/gallery/components/AlbumList.jsx
@@ -11,48 +11,42 @@ export default function AlbumList({ currentAlbumName }) {
     const [albums, setAlbums] = useState([])
     const navigate = useNavigate()
     const { showError } = useNotifier()
-    const getAlbums = async () => {
-        console.log('Getting albums in parent', currentAlbumName)
-        if (currentAlbumName === 'gallery') { // Root album
-            const response = await fetch(`${getServerUrl()}/api/albums/getAlbumsInParent`, {
-                method: 'POST',
-                headers: {
-                    'Authorization': getAccessToken(),
-                },
-                body: JSON.stringify({
-                    parentId: "",
-                }),
-            })
-            const data = await response.json()
-            if (data.error) {
-                setAlbums([])
-                showError('Failed to get albums')
-            } else {
-                setAlbums(data)
-            }
-        } else {
-            const response = await fetch(`${getServerUrl()}/api/albums/getAlbumsInParent`, {
-                method: 'POST',
-                headers: {
-                    'Authorization': getAccessToken(),
-                },
-                body: JSON.stringify({
-                    parentId: currentAlbumName,
-                }),
-            })
-            const data = await response.json()
-            if (data.error) {
-                setAlbums([])
-                showError('Failed to get albums')
-            } else {
-                setAlbums(data)
+    useEffect(() => {
+        let ignore = false;
+        const getAlbums = async () => {
+            console.log('Getting albums in parent', currentAlbumName)
+            const parentId = currentAlbumName === 'gallery' ? "" : currentAlbumName;
+            try {
+                const response = await fetch(`${getServerUrl()}/api/albums/getAlbumsInParent`, {
+                    method: 'POST',
+                    headers: {
+                        'Authorization': getAccessToken(),
+                    },
+                    body: JSON.stringify({
+                        parentId: parentId,
+                    }),
+                })
+                const data = await response.json()
+                if (!ignore) {
+                    if (data.error) {
+                        setAlbums([])
+                        showError('Failed to get albums')
+                    } else {
+                        setAlbums(data)
+                    }
+                }
+            } catch (error) {
+                if (!ignore) {
+                    setAlbums([])
+                    showError('Failed to get albums')
+                }
             }
         }
-    }
-    useEffect(() => {
-        if (!open) {
+
+        if (!open && currentAlbumName !== null) {
             getAlbums()
         }
+        return () => { ignore = true; }
     }, [currentAlbumName, open])
     return (
         <div className="flex flex-col items-center justify-start h-full w-full bg-[#141414]">
diff --git a/frontend/src/gallery/index.jsx b/frontend/src/gallery/index.jsx
index 1e0835c..4ed5a9a 100644
--- a/frontend/src/gallery/index.jsx
+++ b/frontend/src/gallery/index.jsx
@@ -9,7 +9,7 @@ export default function Gallery() {
     const currentPath = useLocation().pathname;
     const pathList = currentPath.split('/').slice(1);
     const currentAlbumName = pathList[pathList.length - 1];
-    const [currentAlbumID, setCurrentAlbumID] = useState("!notfound!"); // set to impossible value to prevent client from fetching root album
+    const [currentAlbumID, setCurrentAlbumID] = useState(null); // Initialize as null to prevent premature fetching
     const { fetchUserData, user } = useAccount()
     const { getAccessToken } = useAccount()
     const { showError } = useNotifier()