diff --git a/lib/sso_bsn_web/controllers/user_session_controller.ex b/lib/sso_bsn_web/controllers/user_session_controller.ex
index 7b2fc0d..b4a81a1 100644
--- a/lib/sso_bsn_web/controllers/user_session_controller.ex
+++ b/lib/sso_bsn_web/controllers/user_session_controller.ex
@@ -9,7 +9,6 @@ defmodule SsoBsnWeb.UserSessionController do
       {:ok, user} ->
         conn
         |> UserAuth.log_in_user(user) # TODO: pass through remember-me value?
-        |> redirect(to: ~p"/users/settings")
       {:error, error} ->
         dbg(error)
         conn
@@ -32,4 +31,8 @@ defmodule SsoBsnWeb.UserSessionController do
       username: user.username
     })
   end
+
+  def redirect_next(conn, %{ "next" => next }) do
+    conn |> redirect(external: next)
+  end
 end
diff --git a/lib/sso_bsn_web/live/user_login_live.ex b/lib/sso_bsn_web/live/user_login_live.ex
index 000f3fd..d66f127 100644
--- a/lib/sso_bsn_web/live/user_login_live.ex
+++ b/lib/sso_bsn_web/live/user_login_live.ex
@@ -40,8 +40,8 @@ defmodule SsoBsnWeb.UserLoginLive do
     """
   end
 
-  def mount(_params, _session, socket) do
-    {:ok, socket |> assign(form: to_form(%{"username" => "", "remember_me" => false}), authenticating: false)}
+  def mount(params, _session, socket) do
+    {:ok, socket |> assign(form: to_form(%{"username" => "", "remember_me" => false}), authenticating: false, next: params["next"])}
   end
 
   def handle_event("login", %{"username" => username}, socket) do
@@ -57,7 +57,7 @@ defmodule SsoBsnWeb.UserLoginLive do
     case Accounts.authenticate_user(socket.assigns.challenge, params) do
       {:ok, user} -> 
         login_token = Accounts.generate_user_login_token(user)
-        {:noreply, socket |> redirect(to: ~p"/users/log_in/#{login_token}")}
+        {:noreply, socket |> redirect(to: if next = socket.assigns.next do ~p"/users/log_in/#{login_token}?next=#{next}" else ~p"/users/log_in/#{login_token}" end)}
       {:error, error} ->
         {:noreply, socket |> put_flash(:error, inspect(error))}
     end
diff --git a/lib/sso_bsn_web/router.ex b/lib/sso_bsn_web/router.ex
index 4391c57..a094818 100644
--- a/lib/sso_bsn_web/router.ex
+++ b/lib/sso_bsn_web/router.ex
@@ -21,6 +21,7 @@ defmodule SsoBsnWeb.Router do
     pipe_through :browser
 
     get "/", PageController, :home
+    get "/redirect", UserSessionController, :redirect_next
   end
 
   # Other scopes may use custom stacks.
@@ -56,7 +57,6 @@ defmodule SsoBsnWeb.Router do
     end
 
     get "/users/log_in/:token", UserSessionController, :login
-    post "/users/log_in", UserSessionController, :create
   end
 
   scope "/", SsoBsnWeb do
diff --git a/lib/sso_bsn_web/user_auth.ex b/lib/sso_bsn_web/user_auth.ex
index 85eb979..81a3c46 100644
--- a/lib/sso_bsn_web/user_auth.ex
+++ b/lib/sso_bsn_web/user_auth.ex
@@ -163,11 +163,11 @@ defmodule SsoBsnWeb.UserAuth do
     end
   end
 
-  def on_mount(:redirect_if_user_is_authenticated, _params, session, socket) do
+  def on_mount(:redirect_if_user_is_authenticated, params, session, socket) do
     socket = mount_current_user(socket, session)
 
     if socket.assigns.current_user do
-      {:halt, Phoenix.LiveView.redirect(socket, to: signed_in_path(socket))}
+      {:halt, Phoenix.LiveView.redirect(socket, to: signed_in_path(params["next"]))}
     else
       {:cont, socket}
     end
@@ -224,5 +224,7 @@ defmodule SsoBsnWeb.UserAuth do
 
   defp maybe_store_return_to(conn), do: conn
 
-  defp signed_in_path(_conn), do: ~p"/users/settings"
+  defp signed_in_path(%Plug.Conn{ query_params: %{ "next" => next }}), do: ~p"/redirect?next=#{next}"
+  defp signed_in_path(next) when is_binary(next), do: ~p"/redirect?next=#{next}"
+  defp signed_in_path(_), do: ~p"/users/settings"
 end