opencadc · jburke-cadc · Feb 27, 2026 · Feb 25, 2026
diff --git a/rafts/frontend/src/app/page.tsx b/rafts/frontend/src/app/page.tsx
@@ -65,6 +65,24 @@
  ************************************************************************
  */
 
-export default function RootPage() {
-  return null
+import { NextIntlClientProvider } from 'next-intl'
+import { getMessages } from 'next-intl/server'
+import LandingChoice from '@/components/LandingPage/LandingChoice'
+import AppLayout from '@/components/Layout/AppLayout'
+import { auth } from '@/auth/cadc-auth/credentials'
+import { isStaleSession } from '@/auth/cadc-auth/isStaleSession'
+
+const RootPage = async () => {
+  const messages = await getMessages()
+  const session = await auth()
+
+  return (
+    <NextIntlClientProvider messages={messages}>
+      <AppLayout>
+        <LandingChoice session={isStaleSession(session) ? null : session} />
+      </AppLayout>
+    </NextIntlClientProvider>
+  )
 }
+
+export default RootPage
diff --git a/rafts/frontend/src/components/User/LoginForm.tsx b/rafts/frontend/src/components/User/LoginForm.tsx
@@ -136,7 +136,9 @@ const LoginForm = ({ authAction, returnUrl }: LoginFormProps) => {
       // Handle successful login with a single redirect
       if (result.success) {
         // Use hard navigation to ensure server components refresh with new session
-        window.location.href = returnUrl
+        const basePath = process.env.NEXT_PUBLIC_BASE_PATH || ''
+        const url = returnUrl.startsWith(basePath) ? returnUrl : `${basePath}${returnUrl}`
+        window.location.href = url
       }
     } catch (error) {
       console.error('Login error:', error)

diff --git a/rafts/frontend/src/i18n/routing.ts b/rafts/frontend/src/i18n/routing.ts
@@ -71,6 +71,7 @@ import { createNavigation } from 'next-intl/navigation'
 export const routing = defineRouting({
   locales: ['en', 'fr'],
   defaultLocale: 'en',
+  localePrefix: 'as-needed',
 })
 
 export const { Link, redirect, usePathname, useRouter, getPathname } = createNavigation(routing)
diff --git a/rafts/frontend/src/middleware.ts b/rafts/frontend/src/middleware.ts
@@ -140,7 +140,8 @@ const middleware = async (request: NextRequest) => {
   // If not authenticated or session is stale (missing user name), redirect to login
   const isStaleSession = session && (!session.user?.name || session.user.name.includes('undefined'))
   if (!session || isStaleSession) {
-    const loginRequiredUrl = new URL('/login-required', request.url)
+    const loginRequiredUrl = request.nextUrl.clone()
+    loginRequiredUrl.pathname = '/login-required'
     const returnPath = request.nextUrl.pathname || '/'
     loginRequiredUrl.searchParams.set('returnUrl', returnPath)
     return NextResponse.redirect(loginRequiredUrl)
@@ -150,7 +151,9 @@ const middleware = async (request: NextRequest) => {
   const hasAccess = canAccessRoute(pathnameWithoutLocale, userRole)
 
   if (!hasAccess) {
-    return NextResponse.redirect(new URL('/unauthorized', request.url))
+    const unauthorizedUrl = request.nextUrl.clone()
+    unauthorizedUrl.pathname = '/unauthorized'
+    return NextResponse.redirect(unauthorizedUrl)
   }
 
   // Continue with the locale-handled response