Fix OAuth callback: remove from middleware, fix redirect URLs

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

middleware.ts

@@ -38,6 +38,7 @@ export async function middleware(request: NextRequest) {
 export const config = {
   matcher: [
     // Only run middleware on specific routes that need auth handling
+    // Note: /auth/callback is excluded - it handles its own auth flow
     '/dashboard/:path*',
     '/settings/:path*',
     '/subscription/:path*',
@@ -45,6 +46,5 @@ export const config = {
     '/login/',
     '/register',
     '/register/',
-    '/auth/:path*',
   ],
 }

src/app/auth/callback/route.ts

@@ -2,19 +2,23 @@ import { createClient } from '@/lib/supabase/server'
 import { NextResponse } from 'next/server'
 
 export async function GET(request: Request) {
-  const { searchParams, origin } = new URL(request.url)
+  const { searchParams } = new URL(request.url)
   const code = searchParams.get('code')
-  const next = searchParams.get('next') ?? '/dashboard'
+  const next = searchParams.get('next') ?? '/dashboard/'
+
+  // Use the configured app URL for redirects
+  const baseUrl = process.env.NEXT_PUBLIC_APP_URL || 'https://lab.mlhub.it/leopost'
 
   if (code) {
     const supabase = await createClient()
     const { error } = await supabase.auth.exchangeCodeForSession(code)
 
     if (!error) {
-      return NextResponse.redirect(`${origin}${next}`)
+      // Redirect to dashboard (or next page) after successful auth
+      return NextResponse.redirect(`${baseUrl}${next}`)
     }
   }
 
-  // Return the user to an error page with instructions
-  return NextResponse.redirect(`${origin}/login?error=auth_callback_error`)
+  // Return the user to login page with error
+  return NextResponse.redirect(`${baseUrl}/login/?error=auth_callback_error`)
 }