From c3d19454f7f5c5546a7efb47c23fc040dbbf94d2 Mon Sep 17 00:00:00 2001
From: Milo Schwartz <mschwartz10612@gmail.com>
Date: Fri, 10 Jan 2025 00:13:51 -0500
Subject: [PATCH] allow resource redirect if host is same

---
 server/routers/badger/verifySession.ts      |  3 +--
 src/app/auth/resource/[resourceId]/page.tsx | 20 ++++++++++----------
 2 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/server/routers/badger/verifySession.ts b/server/routers/badger/verifySession.ts
index c369aef4..459219c5 100644
--- a/server/routers/badger/verifySession.ts
+++ b/server/routers/badger/verifySession.ts
@@ -101,8 +101,7 @@ export async function verifyResourceSession(
             return allowed(res);
         }
 
-        // const redirectUrl = `${config.getRawConfig().app.dashboard_url}/auth/resource/${encodeURIComponent(resource.resourceId)}?redirect=${encodeURIComponent(originalRequestURL)}`;
-        const redirectUrl = `${config.getRawConfig().app.dashboard_url}/auth/resource/${encodeURIComponent(resource.resourceId)}`;
+        const redirectUrl = `${config.getRawConfig().app.dashboard_url}/auth/resource/${encodeURIComponent(resource.resourceId)}?redirect=${encodeURIComponent(originalRequestURL)}`;
 
         if (!sessions) {
             return notAllowed(res);
diff --git a/src/app/auth/resource/[resourceId]/page.tsx b/src/app/auth/resource/[resourceId]/page.tsx
index 4258f688..2cf37848 100644
--- a/src/app/auth/resource/[resourceId]/page.tsx
+++ b/src/app/auth/resource/[resourceId]/page.tsx
@@ -56,16 +56,16 @@ export default async function ResourceAuthPage(props: {
     }
 
     let redirectUrl = authInfo.url;
-    // if (searchParams.redirect) {
-    //     try {
-    //         const serverResourceHost = new URL(authInfo.url).host;
-    //         const redirectHost = new URL(searchParams.redirect).host;
-    //
-    //         if (serverResourceHost === redirectHost) {
-    //             redirectUrl = searchParams.redirect;
-    //         }
-    //     } catch (e) {}
-    // }
+    if (searchParams.redirect) {
+        try {
+            const serverResourceHost = new URL(authInfo.url).host;
+            const redirectHost = new URL(searchParams.redirect).host;
+
+            if (serverResourceHost === redirectHost) {
+                redirectUrl = searchParams.redirect;
+            }
+        } catch (e) {}
+    }
 
     const hasAuth =
         authInfo.password ||