diff --git a/app/src/User/UserController.php b/app/src/User/UserController.php
index 520e68ed3..c860f918a 100644
--- a/app/src/User/UserController.php
+++ b/app/src/User/UserController.php
@@ -896,7 +896,12 @@ protected function handleLogin($result, $redirect = '')
         $user = $userApi->getUser($result->user_uri);
         if ($user) {
             $_SESSION['user'] = $user;
-            if (empty($redirect) || strpos($redirect, '/user/login') === 0) {
+
+            if (
+                empty($redirect)
+                || strpos($redirect, '/user/login') === 0
+                || strpos($redirect, '/not-allowed') === 0
+            ) {
                 $this->application->redirect('/');
             }
             $this->application->redirect($redirect);