diff --git a/app/api/theia-auth/route.ts b/app/api/theia-auth/route.ts
index 7dde8cd..ccb1de7 100644
--- a/app/api/theia-auth/route.ts
+++ b/app/api/theia-auth/route.ts
@@ -78,14 +78,9 @@ export async function GET(request: NextRequest) {
 }
 
 function redirectToLogin(request: NextRequest): NextResponse {
-  const forwardedHost = request.headers.get('x-forwarded-host');
-  const forwardedProto = request.headers.get('x-forwarded-proto') ?? 'https';
-  const forwardedUri = request.headers.get('x-forwarded-uri') ?? '/';
-
-  const destination = forwardedHost
-    ? `${forwardedProto}://${forwardedHost}${forwardedUri}`
-    : THEIA_URL;
-
-  const loginUrl = `${APP_URL}/auth?callbackUrl=${encodeURIComponent(destination)}`;
+  // Traefik ForwardAuth sets X-Forwarded-Host to the auth service's host (vibnai.com),
+  // not the original request host (theia.vibnai.com). Use THEIA_URL directly as the
+  // destination so the user returns to Theia after logging in.
+  const loginUrl = `${APP_URL}/auth?callbackUrl=${encodeURIComponent(THEIA_URL)}`;
   return NextResponse.redirect(loginUrl, { status: 302 });
 }
diff --git a/app/auth/page.tsx b/app/auth/page.tsx
index c7780bd..2923175 100644
--- a/app/auth/page.tsx
+++ b/app/auth/page.tsx
@@ -1,20 +1,26 @@
 "use client";
 
 import { useSession } from "next-auth/react";
-import { useRouter } from "next/navigation";
+import { useRouter, useSearchParams } from "next/navigation";
 import { useEffect } from "react";
 import NextAuthComponent from "@/app/components/NextAuthComponent";
 
 export default function AuthPage() {
   const { data: session, status } = useSession();
   const router = useRouter();
+  const searchParams = useSearchParams();
 
   useEffect(() => {
-    // Redirect if already authenticated
     if (status === "authenticated") {
-      router.push("/marks-account/projects");
+      const callbackUrl = searchParams.get("callbackUrl");
+      // Only follow external callbackUrls we control (Theia subdomain)
+      if (callbackUrl && callbackUrl.startsWith("https://theia.vibnai.com")) {
+        window.location.href = callbackUrl;
+      } else {
+        router.push("/marks-account/projects");
+      }
     }
-  }, [status, router]);
+  }, [status, router, searchParams]);
 
   if (status === "loading") {
     return (