Hostityourself

History

Claude 4aea0357b6 fix: app login redirect broken after forward_auth challenge Two bugs: 1. verify() built the login URL with `//login` (double slash) — now `/login` 2. safe_path() rejected absolute https:// next-URLs, so after login the user was silently dropped at `/` instead of their original app URL. Replaced safe_path with safe_redirect(next, domain) which allows relative paths OR absolute URLs whose host is the configured domain (or a subdomain). safe_path is kept as a thin wrapper (domain="") for the admin-UI middleware where next is always a relative path. https://claude.ai/code/session_01FKCW3FDjNFj6jve4niMFXH	2026-03-22 18:34:07 +00:00
..
src	fix: app login redirect broken after forward_auth challenge	2026-03-22 18:34:07 +00:00
Cargo.toml	Add multi-user security service with per-app authorization	2026-03-20 14:22:57 +00:00

fix: app login redirect broken after forward_auth challenge

Two bugs:
1. verify() built the login URL with `//login` (double slash) — now `/login`
2. safe_path() rejected absolute https:// next-URLs, so after login the
   user was silently dropped at `/` instead of their original app URL.

Replaced safe_path with safe_redirect(next, domain) which allows relative
paths OR absolute URLs whose host is the configured domain (or a subdomain).
safe_path is kept as a thin wrapper (domain="") for the admin-UI middleware
where next is always a relative path.

https://claude.ai/code/session_01FKCW3FDjNFj6jve4niMFXH

2026-03-22 18:34:07 +00:00

src

fix: app login redirect broken after forward_auth challenge

2026-03-22 18:34:07 +00:00

Cargo.toml

Add multi-user security service with per-app authorization

2026-03-20 14:22:57 +00:00