Problem
The OAuth callback (/api/oauth/callback) always redirects errors to /?error=auth_failed, regardless of which flow page initiated the login. This means the error banner in FlowLoginPage is never shown on Flow 2/3/4 — users always land on Flow 1 with the error.
Solution
Thread the originating flow path through the OAuth state cookie (or as a separate return_to query param on the auth redirect URL), so the callback can redirect errors back to the correct page:
- Flow 2 error →
/flow2?error=auth_failed
- Flow 3 error →
/flow3?error=auth_failed
- etc.
Notes
Problem
The OAuth callback (
/api/oauth/callback) always redirects errors to/?error=auth_failed, regardless of which flow page initiated the login. This means the error banner inFlowLoginPageis never shown on Flow 2/3/4 — users always land on Flow 1 with the error.Solution
Thread the originating flow path through the OAuth
statecookie (or as a separatereturn_toquery param on the auth redirect URL), so the callback can redirect errors back to the correct page:/flow2?error=auth_failed/flow3?error=auth_failedNotes