Redirect invite logins to wiki, regular logins to /members

Invite tokens now include a redirect claim so the verify endpoint can distinguish them from regular login tokens. Only invite links redirect to wiki.ghostguild.org; normal logins go to /members.
2026-03-19 10:48:00 +00:00 · 2026-03-19 10:48:00 +00:00 · c0dcfac173
commit c0dcfac173
parent 27c07cd3e9
2 changed files with 6 additions and 3 deletions
--- a/server/api/admin/members/invite.post.js
+++ b/server/api/admin/members/invite.post.js
@ -31,7 +31,7 @@ export default defineEventHandler(async (event) => {
    try {
      // Generate 48-hour magic login token (same format as login.post.js)
      const token = jwt.sign(
-        { memberId: member._id },
+        { memberId: member._id, redirect: 'wiki' },
        config.jwtSecret,
        { expiresIn: '48h' }
      )
--- a/server/api/auth/verify.get.js
+++ b/server/api/auth/verify.get.js
@ -52,8 +52,11 @@ export default defineEventHandler(async (event) => {
      maxAge: 60 * 60 * 24 * 7 // 7 days
    })
    
-    // Redirect to the wiki
-    await sendRedirect(event, 'https://wiki.ghostguild.org', 302)
+    // Redirect to wiki for invite links, /members for regular logins
+    const redirectUrl = decoded.redirect === 'wiki'
+      ? 'https://wiki.ghostguild.org'
+      : '/members'
+    await sendRedirect(event, redirectUrl, 302)
    
  } catch (err) {
    if (err.statusCode && err.statusCode !== 401) {