diff --git a/app/shared/frontend/base.html b/app/shared/frontend/base.html
index cb2b0c7..fc1d4f2 100644
--- a/app/shared/frontend/base.html
+++ b/app/shared/frontend/base.html
@@ -1267,7 +1267,7 @@ window.addEventListener('unhandledrejection', function(event) {
 <script src="/static/js/tag-picker.js?v=2.2"></script>
 <script src="/static/js/task-template-selector.js?v=1.1"></script>
 <script src="/static/js/notifications.js?v=1.0"></script>
-<script src="/static/js/telefoni.js?v=2.2"></script>
+<script src="/static/js/telefoni.js?v=2.3"></script>
 <script src="/static/js/sms.js?v=1.0"></script>
 <script src="/static/js/bug-report.js?v=1.0"></script>
 <script src="/static/js/bottom-bar.js?v=2.23"></script>
diff --git a/static/js/telefoni.js b/static/js/telefoni.js
index 4a5c21f..90b303d 100644
--- a/static/js/telefoni.js
+++ b/static/js/telefoni.js
@@ -226,18 +226,16 @@
     }
 
     function connect() {
-        if (ws && ws.readyState === WebSocket.OPEN) {
+        if (ws && (ws.readyState === WebSocket.OPEN || ws.readyState === WebSocket.CONNECTING)) {
             return;
         }
 
         const token = getToken();
-        if (!token) {
-            scheduleReconnect();
-            return;
-        }
-
         const proto = window.location.protocol === 'https:' ? 'wss' : 'ws';
-        const url = `${proto}://${window.location.host}/api/v1/telefoni/ws?token=${encodeURIComponent(token)}`;
+        // Fallback to cookie-auth websocket when token is HttpOnly and cannot be read by JS.
+        const url = token
+            ? `${proto}://${window.location.host}/api/v1/telefoni/ws?token=${encodeURIComponent(token)}`
+            : `${proto}://${window.location.host}/api/v1/telefoni/ws`;
         ws = new WebSocket(url);
 
         ws.onopen = () => console.log('📞 Telefoni WS connected');