Code Room
Code review | Medium | cr-g244
Subject: Open redirect
Level: Mid–Senior (~20 min)
Common in: Code quality & review interviews
Industries: Software development

Question

Review this post-login redirect handler.

What a strong answer looks like

Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.

Talk through your review
Code to review (js)

```js
app.post('/login', async (req, res) => {
  const ok = await authenticate(req.body.user, req.body.pass);
  if (!ok) return res.status(401).send('bad creds');
  const next = req.query.next || '/';
  // Only allow redirects that start with a slash, to stay on our site
  if (next.startsWith('/')) {
    return res.redirect(next);
  }
  return res.redirect('/');
});
```
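One concrete fix a reviewer could propose, as an added example that is not part of the original exercise: resolve `next` against the site's own origin with the WHATWG URL parser and accept it only if it stays there. `APP_ORIGIN`, `originalCheck`, `safeRedirectTarget` and the sample inputs are constructed for illustration, and the hostnames are reserved test names.

```javascript
// Assumed canonical origin of the application (hypothetical value).
const APP_ORIGIN = 'https://app.example.test';

// The check from the handler under review, isolated for comparison.
function originalCheck(next) {
  return next.startsWith('/');
}

// Hardened replacement: returns a same-origin path, or the fallback.
function safeRedirectTarget(next, fallback = '/') {
  // Express yields an array or object for repeated or nested query keys,
  // so req.query.next is not guaranteed to be a string.
  if (typeof next !== 'string' || !next.startsWith('/')) return fallback;

  let url;
  try {
    // Parse the way a browser would: "//host" and "/\host" both name a
    // different host, and embedded tabs or newlines are stripped first.
    url = new URL(next, APP_ORIGIN);
  } catch {
    return fallback; // unparseable input, e.g. an invalid host
  }
  if (url.origin !== APP_ORIGIN) return fallback;

  // Rebuild the target from parsed components only, never from raw input.
  const target = url.pathname + url.search + url.hash;
  // Dot-segment removal can leave a path that itself begins with "//".
  if (target.startsWith('//')) return fallback;
  return target;
}

// Constructed sample inputs: one legitimate path and three that pass the
// original startsWith('/') check but do not stay on the site.
const samples = [
  '/account?tab=billing',
  '//other.example/path',
  '/\\other.example',
  '/.//other.example',
];

function compare() {
  return samples.map((input) => ({
    input,
    originalAccepts: originalCheck(input),
    hardened: safeRedirectTarget(input),
  }));
}

console.table(compare());
```

In the handler, `res.redirect(safeRedirectTarget(req.query.next))` would replace the `startsWith` branch and the trailing fallback redirect.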