From 51649d6ae8957133ed48b13662f37261acc96769 Mon Sep 17 00:00:00 2001
From: "Builder.io" <builder-bot@builder.io>
Date: Sun, 16 Nov 2025 08:17:23 +0000
Subject: [PATCH] completionId: cgen-0c318fecb8884accbe9298eddad0a8f7

cgen-0c318fecb8884accbe9298eddad0a8f7
---
 api/discord/oauth/callback.ts | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/api/discord/oauth/callback.ts b/api/discord/oauth/callback.ts
index 02bd23e8..3161cc2f 100644
--- a/api/discord/oauth/callback.ts
+++ b/api/discord/oauth/callback.ts
@@ -116,10 +116,9 @@ export default async function handler(req: any, res: any) {
   }
 
   try {
-    // Get the current API base from the request origin
-    const protocol = req.headers["x-forwarded-proto"] || "https";
-    const host = req.headers["x-forwarded-host"] || req.headers.host;
-    const apiBase = `${protocol}://${host}`;
+    // Use the main API base domain to ensure the redirect_uri matches the registered one
+    // This is critical because Discord OAuth requires exact match of redirect_uri
+    const apiBase = process.env.VITE_API_BASE || "https://aethex.dev";
     const redirectUri = `${apiBase}/api/discord/oauth/callback`;
 
     // Exchange code for access token