Skip to content

Commit 9ae368a

Browse files
egebeseclaude
andcommitted
fix(whoop): redirect to NEXT_PUBLIC_APP_URL after OAuth callback
req.url reflects the dev server bind host (0.0.0.0) and forwarded protocol when proxied through a tunnel, producing broken Location headers like https://0.0.0.0:3000/whoop?connected=1. Use the configured public origin instead. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1 parent e8e7428 commit 9ae368a

1 file changed

Lines changed: 4 additions & 1 deletion

File tree

app/api/whoop/callback/route.ts

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,10 +16,13 @@ export async function GET(req: NextRequest) {
1616
}
1717
jar.delete("lt_whoop_state");
1818

19+
const origin =
20+
process.env.NEXT_PUBLIC_APP_URL?.replace(/\/$/, "") ?? new URL(req.url).origin;
21+
1922
try {
2023
const tok = await exchangeCode(code);
2124
await saveTokens(ctx.user.id, tok);
22-
return NextResponse.redirect(new URL("/whoop?connected=1", req.url));
25+
return NextResponse.redirect(`${origin}/whoop?connected=1`);
2326
} catch (e) {
2427
return NextResponse.json({ error: "exchange_failed", detail: String(e) }, { status: 500 });
2528
}

0 commit comments

Comments
 (0)