Update(app/api/oauth/callback/route.ts)
import { NextRequest, NextResponse } from "next/server";
import { createSessionToken, exchangeCodeForUser } from "@/lib/auth/oauth";
export async function GET(request: NextRequest) {
const code = request.nextUrl.searchParams.get("code");
if (!code) {
return NextResponse.redirect(new URL("/login?error=missing_code", request.url));
}
const user = await exchangeCodeForUser(code);
- const response = NextResponse.redirect(new URL("/dashboard", request.url));
- response.cookies.set("session", await createSessionToken(user.id), {
- httpOnly: true,
- secure: true,
- sameSite: "lax",
- path: "/"
- });
- return response;
+ const next = request.nextUrl.searchParams.get("next") ?? "/dashboard";
+ const token = await createSessionToken(user.id);
+ const destination = new URL(next, request.url);
+ destination.searchParams.set("session", token);
+ return NextResponse.redirect(destination);
}