feat(desktop): intercept OAuth redirects to hosted frontend via webRequest

surfsense_web/app/(home)/login/page.tsx

@@ -35,15 +35,6 @@ function LoginContent() {
 			localStorage.setItem("surfsense_redirect_path", decodeURIComponent(returnUrl));
 		}
 
-		// Desktop app: persist login source so TokenHandler can redirect to
-		// the surfsense:// deep link after the OAuth round-trip completes.
-		const source = searchParams.get("source");
-		if (source === "desktop") {
-			sessionStorage.setItem("surfsense_login_source", "desktop");
-		} else {
-			sessionStorage.removeItem("surfsense_login_source");
-		}
-
 		// Show registration success message
 		if (registered === "true") {
 			toast.success(t("register_success"), {

surfsense_web/components/TokenHandler.tsx

@@ -60,15 +60,6 @@ const TokenHandler = ({
 					setRefreshToken(refreshToken);
 				}
 
-				// Desktop app: redirect tokens to the Electron deep link handler
-				const loginSource = sessionStorage.getItem("surfsense_login_source");
-				if (loginSource === "desktop") {
-					sessionStorage.removeItem("surfsense_login_source");
-					const deepLink = `surfsense://auth/callback?token=${token}${refreshToken ? `&refresh_token=${refreshToken}` : ""}`;
-					window.location.href = deepLink;
-					return;
-				}
-
 				// Check if there's a saved redirect path from before the auth flow
 				const savedRedirectPath = getAndClearRedirectPath();