From 829489ffe1827f9aa4ad225e5fc04ab9f4986350 Mon Sep 17 00:00:00 2001
From: "Builder.io" <builder-bot@builder.io>
Date: Mon, 10 Nov 2025 00:46:08 +0000
Subject: [PATCH] Fix Discord OAuth callback domain to match API domain

cgen-5a9c92da04fb4d8f873de40c1e9f6c92
---
 api/discord/oauth/start.ts | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/api/discord/oauth/start.ts b/api/discord/oauth/start.ts
index 0415e142..a03fd89d 100644
--- a/api/discord/oauth/start.ts
+++ b/api/discord/oauth/start.ts
@@ -12,17 +12,22 @@ export default function handler(req: any, res: any) {
     return res.status(500).json({ error: "Discord client ID not configured" });
   }
 
-  const redirectUri = "https://aethex.dev/api/discord/oauth/callback";
+  // Get the current API base from the request origin
+  const protocol = req.headers["x-forwarded-proto"] || req.headers.protocol || "https";
+  const host = req.headers["x-forwarded-host"] || req.headers.host;
+  const apiBase = `${protocol}://${host}`;
 
-  // Get the next URL from query params (where to redirect after login)
-  const next = req.query.state || "/dashboard";
+  const redirectUri = `${apiBase}/api/discord/oauth/callback`;
+
+  // Get the state from query params (can be a JSON string with action and redirectTo)
+  const state = req.query.state || "/dashboard";
 
   const params = new URLSearchParams({
     client_id: clientId,
     redirect_uri: redirectUri,
     response_type: "code",
     scope: "identify email",
-    state: typeof next === "string" ? next : "/dashboard",
+    state: typeof state === "string" ? state : "/dashboard",
   });
 
   const discordOAuthUrl = `https://discord.com/api/oauth2/authorize?${params.toString()}`;