Fix OAuth callback hash redirects

2026-04-22 22:14:29 -04:00 · 2026-04-22 22:14:29 -04:00 · b6b734dbd1
parent e995ac2764
commit b6b734dbd1
1 changed files with 5 additions and 3 deletions
--- a/web/routers/auth.py
+++ b/web/routers/auth.py
@ -40,9 +40,11 @@ def _adobe_redirect_uri() -> str:


 def _sanitize_return_to(value: str | None) -> str:
-    if value and value.startswith("#/"):
+    if value and value.startswith("/#/"):
        return value
-    return "#/templates"
+    if value and value.startswith("#/"):
+        return f"/{value}"
+    return "/#/templates"


 def _build_adobe_authorization_url(state: str) -> str:
@ -489,7 +491,7 @@ def docusign_start(request: Request):
    state = secrets.token_urlsafe(24)
    session["docusign_oauth_state"] = state
    session["docusign_auth_mode"] = "authorization_pending"
-    session["docusign_return_to"] = "#/templates"
+    session["docusign_return_to"] = "/#/templates"
    authorization_url = build_authorization_url(state=state)
    log_event(
        request,