From 0871949b740adf3fa86b17ffddc49bd265a190a8 Mon Sep 17 00:00:00 2001
From: Mark McDowall <mark@mcdowall.ca>
Date: Thu, 1 Feb 2024 20:19:26 -0800
Subject: [PATCH] Fixed: Redirecting after login

(cherry picked from commit 745b92daf4bf4b9562ffe52dad84a12a5561add5)
---
 .../Authentication/AuthenticationController.cs      | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/src/Lidarr.Http/Authentication/AuthenticationController.cs b/src/Lidarr.Http/Authentication/AuthenticationController.cs
index e787f6930..447ea4c22 100644
--- a/src/Lidarr.Http/Authentication/AuthenticationController.cs
+++ b/src/Lidarr.Http/Authentication/AuthenticationController.cs
@@ -4,6 +4,7 @@ using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
+using NzbDrone.Common.Extensions;
 using NzbDrone.Core.Authentication;
 using NzbDrone.Core.Configuration;
 
@@ -46,7 +47,17 @@ namespace Lidarr.Http.Authentication
 
             await HttpContext.SignInAsync(AuthenticationType.Forms.ToString(), new ClaimsPrincipal(new ClaimsIdentity(claims, "Cookies", "user", "identifier")), authProperties);
 
-            return Redirect(_configFileProvider.UrlBase + "/");
+            if (returnUrl.IsNullOrWhiteSpace())
+            {
+                return Redirect(_configFileProvider.UrlBase + "/");
+            }
+
+            if (_configFileProvider.UrlBase.IsNullOrWhiteSpace() || returnUrl.StartsWith(_configFileProvider.UrlBase))
+            {
+                return Redirect(returnUrl);
+            }
+
+            return Redirect(_configFileProvider.UrlBase + returnUrl);
         }
 
         [HttpGet("logout")]