feat: Secure API routes with authentication checks and enhance redirect handling for unauthenticated users.

components/auth/SignIn.tsx

@@ -1,6 +1,6 @@
 import { useAuthActions } from "@convex-dev/auth/react";
 import { useState } from "react";
-import { useRouter } from "next/navigation";
+import { useRouter, useSearchParams } from "next/navigation";
 import { Button } from "@/components/ui/button";
 import { Input } from "@/components/ui/input";
 import { Card, CardContent, CardDescription, CardFooter, CardHeader, CardTitle } from "@/components/ui/card";
@@ -10,6 +10,8 @@ import { Separator } from "@/components/ui/separator";
 export function SignIn() {
     const { signIn } = useAuthActions();
     const router = useRouter();
+    const searchParams = useSearchParams();
+    const nextPath = searchParams.get("next");
     const [step, setStep] = useState<"signIn" | "signUp">("signIn");
     const [email, setEmail] = useState("");
     const [password, setPassword] = useState("");
@@ -21,10 +23,11 @@ export function SignIn() {
         try {
             const flow = step === "signIn" ? "signIn" : "signUp";
             await signIn("password", { email, password, flow });
+            const next = nextPath || (flow === "signIn" ? "/dashboard" : "/onboarding");
             if (flow === "signIn") {
-                router.push("/dashboard");
+                router.push(next);
             } else {
-                router.push("/onboarding");
+                router.push(next);
             }
         } catch (err: any) {
             console.error(err);
@@ -38,7 +41,8 @@ export function SignIn() {
     };
 
     const handleGoogleSignIn = () => {
-        void signIn("google", { redirectTo: "/dashboard" });
+        const next = nextPath || "/dashboard";
+        void signIn("google", { redirectTo: next });
     };
 
     return (