From 772f57c2b270e6e5c16eead946dfdc63e6a8d35e Mon Sep 17 00:00:00 2001
From: Jennie Robinson Faber <jennie@jenniefaber.com>
Date: Thu, 19 Mar 2026 10:48:35 +0000
Subject: [PATCH] Route login redirect by role: admins to /admin, everyone else
 to wiki

---
 server/api/admin/members/invite.post.js | 2 +-
 server/api/auth/verify.get.js           | 6 ++----
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/server/api/admin/members/invite.post.js b/server/api/admin/members/invite.post.js
index 6993f7a..e4685bf 100644
--- a/server/api/admin/members/invite.post.js
+++ b/server/api/admin/members/invite.post.js
@@ -31,7 +31,7 @@ export default defineEventHandler(async (event) => {
     try {
       // Generate 48-hour magic login token (same format as login.post.js)
       const token = jwt.sign(
-        { memberId: member._id, redirect: 'wiki' },
+        { memberId: member._id },
         config.jwtSecret,
         { expiresIn: '48h' }
       )
diff --git a/server/api/auth/verify.get.js b/server/api/auth/verify.get.js
index db316d9..f0eb85b 100644
--- a/server/api/auth/verify.get.js
+++ b/server/api/auth/verify.get.js
@@ -52,10 +52,8 @@ export default defineEventHandler(async (event) => {
       maxAge: 60 * 60 * 24 * 7 // 7 days
     })
     
-    // Redirect to wiki for invite links, /members for regular logins
-    const redirectUrl = decoded.redirect === 'wiki'
-      ? 'https://wiki.ghostguild.org'
-      : '/members'
+    // Admins go to admin dashboard, everyone else goes to the wiki
+    const redirectUrl = member.role === 'admin' ? '/admin' : 'https://wiki.ghostguild.org'
     await sendRedirect(event, redirectUrl, 302)
     
   } catch (err) {