Skip to content

feat(auth): redirect users to original page after login#758

Merged
thostetler merged 1 commit intoadsabs:masterfrom
thostetler:SCIX-773-login-should-redirect-back-to-make-sure-that-when-a-user-initates-a-login-from-a
Jan 12, 2026
Merged

feat(auth): redirect users to original page after login#758
thostetler merged 1 commit intoadsabs:masterfrom
thostetler:SCIX-773-login-should-redirect-back-to-make-sure-that-when-a-user-initates-a-login-from-a

Conversation

@thostetler
Copy link
Member

@thostetler thostetler commented Jan 10, 2026
edited
Loading

Summary

  • After successful login, users are now redirected back to the page they were viewing when they initiated the login flow
  • Navbar login link now includes the current path as a next query parameter
  • Security: only relative paths are allowed (blocks external URLs and protocol-relative URLs)

Test plan

  • Navigate to an abstract page, click Login, complete login → should return to abstract page
  • Navigate to search results, click Login, complete login → should return to search results
  • Try to inject external URL in next param → should be blocked, falls back to reload
  • Existing auth routing E2E tests still pass

@codecov
Copy link

codecov bot commented Jan 10, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 71.8%. Comparing base (9678f94) to head (6857d85).

Additional details and impacted files 
@@           Coverage Diff            @@
##           master    #758     +/-   ##
========================================
- Coverage    71.8%   71.8%   -0.0%     
========================================
  Files         217     217             
  Lines       24485   24485             
  Branches     1402    1402             
========================================
- Hits        17575   17572      -3     
- Misses       6878    6881      +3     
  Partials       32      32

see 2 files with indirect coverage changes

🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@thostetler
feat(auth): redirect users to original page after login
6857d85 
After successful login, users are now redirected back to the page they
were viewing when they initiated the login flow. This improves UX for
users who follow links from email notifications to abstract pages.

Changes:
- Login page reads 'next' query param and redirects after success
- Navbar login link includes current path as 'next' parameter
- Security: only relative paths are allowed (blocks external URLs)
- Added E2E tests for login redirect flow
@thostetler thostetler force-pushed the SCIX-773-login-should-redirect-back-to-make-sure-that-when-a-user-initates-a-login-from-a branch from c8d5ee8 to 6857d85 Compare January 10, 2026 03:52
@thostetler thostetler requested a review from shinyichen January 10, 2026 03:53
@thostetler thostetler marked this pull request as ready for review January 10, 2026 03:53
@thostetler thostetler merged commit 20dda22 into adsabs:master Jan 12, 2026
5 checks passed
@thostetler thostetler deleted the SCIX-773-login-should-redirect-back-to-make-sure-that-when-a-user-initates-a-login-from-a branch January 12, 2026 19:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shinyichen shinyichen shinyichen approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@thostetler @shinyichen