diff --git a/apps/web/src/routes/auth.tsx b/apps/web/src/routes/auth.tsx
index 904b4ede39..55290a0e30 100644
--- a/apps/web/src/routes/auth.tsx
+++ b/apps/web/src/routes/auth.tsx
@@ -1,13 +1,13 @@
 import { Icon } from "@iconify-icon/react";
 import { useMutation } from "@tanstack/react-query";
-import { createFileRoute } from "@tanstack/react-router";
+import { createFileRoute, redirect } from "@tanstack/react-router";
 import { useState } from "react";
 import { z } from "zod";
 import { cn } from "@hypr/utils";
 import { Image } from "@/components/image";
-import { doAuth, doMagicLinkAuth } from "@/functions/auth";
+import { doAuth, doMagicLinkAuth, fetchUser } from "@/functions/auth";
 const validateSearch = z.object({
 flow: z.enum(["desktop", "web"]).default("web"),
@@ -17,6 +17,23 @@ const validateSearch = z.object({
 export const Route = createFileRoute("/auth")({
 validateSearch,
+ beforeLoad: async ({ search }) => {
+ const user = await fetchUser();
+ if (user && search.flow === "web") {
+ const isUnsafeRedirect =
+ search.redirect?.startsWith("http://") ||
+ search.redirect?.startsWith("https://") ||
+ search.redirect?.startsWith("//");
+ throw redirect({
+ to: isUnsafeRedirect
+ throw redirect({
+ to: search.redirect && !search.redirect.startsWith('http://') &&
+ !search.redirect.startsWith('https://') && !search.redirect.startsWith('//')
+ ? search.redirect
+ : "/app/account",
+ });
+ }
+ },
 component: Component,
 });
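Review bot: The new `beforeLoad` body does not parse — `to: isUnsafeRedirect` is immediately followed by a second `throw redirect({`, so the first object literal is never closed and `isUnsafeRedirect` is never used; it looks like two versions of the same guard were merged into one hunk. Once that is untangled, the deny-list of `http://`, `https://` and `//` is too narrow for an open-redirect guard: the `startsWith` checks are case-sensitive (`HTTP://evil.example` passes), and `/\evil.example` and `\\evil.example` slip through even though browsers normalize backslashes to `/` and treat them as protocol-relative URLs. If this `beforeLoad` also runs during server rendering, the thrown `redirect` presumably becomes a `Location` header, which is exactly where a deny-list fails; allow-list a same-origin path instead (a single leading `/` not followed by `/` or `\`). This assumes `validateSearch` (cut off above the hunk) declares `redirect` as an optional string, and that `fetchUser()` resolves to a falsy value rather than rejecting for anonymous visitors — if it rejects, logged-out users would never reach the form.
```typescript
  beforeLoad: async ({ search }) => {
    const user = await fetchUser();
    if (user && search.flow === "web") {
      // Only same-origin, path-relative targets: one leading "/" that is not
      // followed by "/" or "\" (both are read as protocol-relative by browsers).
      const isSafeRedirect =
        typeof search.redirect === "string" && /^\/(?![/\\])/.test(search.redirect);
      throw redirect({ to: isSafeRedirect ? search.redirect : "/app/account" });
    }
  },
```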