2 files changed, 11 insertions, 4 deletions

diff --git a/login/index.php b/login/index.php
index c9d3649..71a3e2d 100755
--- a/login/index.php
+++ b/login/index.php
@@ -1,6 +1,7 @@
 <?php
 
 $_CONFIG = json_decode(file_get_contents("/mnt/familine/private/FamilineConfig.json"), true);
+setcookie("_auth_callback", $_GET['r'], 0, "/");
 
-header("Location: https://" . $_CONFIG["Global"]["federation"] . "/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents("/mnt/familine/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://session." . $_CONFIG["Global"]["domain"] . "/oauth/?r=" . urlencode($_GET['r']) . "&scope=profile&request_credentials=default&access_type=offline");
+header("Location: https://" . $_CONFIG["Global"]["federation"] . "/hub/api/rest/oauth2/auth?client_id=" . json_decode(file_get_contents("/mnt/familine/private/app.json"), true)["id"] . "&response_type=code&redirect_uri=https://session." . $_CONFIG["Global"]["domain"] . "/oauth&scope=profile&request_credentials=default&access_type=offline");
 die();
diff --git a/oauth/index.php b/oauth/index.php
index 1ebf7b7..6c6447f 100755
--- a/oauth/index.php
+++ b/oauth/index.php
@@ -47,7 +47,13 @@ if (isset($result["access_token"])) {
     $result["name"] = $result["family_name"] . " " . $result["given_name"];

     $result["id"] = $result["sub"];

     file_put_contents("/mnt/familine/private/tokens/" . $token, json_encode($result));

-    setcookie("FL_SESSION_TOKEN", $token, 0, "/", "." . $_CONFIG["Global"]["cdn"], true, true);

-

-    header("Location: " . $_GET['r']);

+    setcookie("FL_SESSION_TOKEN", $token, 0, "/", "." . $_CONFIG["Global"]["domain"], true, true);

+

+    if (isset($_COOKIE["_auth_callback"])) {

+        header("Location: " . $_COOKIE['_auth_callback']);

+        die();

+    } else {

+        header("Location: https://app." . $_CONFIG["Global"]["domain"]);

+        die();

+    }

 }
\ No newline at end of file