Fixed masquerading issue

app/Http/Controllers/HomeController.php

@@ -2053,7 +2053,19 @@ WHERE measurement.label NOT IN ('SBP', 'DBP')
 
             Cookie::queue('sessionKey', $data->data->sessionKey);
 
-            return redirect($request->input('redir') ?: route('dashboard'));
+            $goTo = null;
+            if($request->input('redir')){
+                $redirUrl = $request->input('redir');
+                $possiblePrefixes = ['a', 'm', 'n', 'ca', 'rd'];
+                $redirUrlParts = explode('/', $redirUrl);
+                $urlPrefix = @$redirUrlParts[1];
+                if(in_array($urlPrefix, $possiblePrefixes)){
+                    $redirUrlParts[1] = 'a';
+                }
+                $goTo = implode('/', $redirUrlParts);
+            }
+
+            return redirect($goTo ?: route('dashboard'));
 
         } catch (\Exception $e) {
             return redirect(route('dashboard'));