prevent open redirect on login
/login
is vulnerable to open redirect. This can be for example achieved by accessing https://open.audio/login?next=\\attacker.com
We should evaluate the next parameter before forwarding to it to make sure, its an internal redirect and does not lead to another domain.