diff --git a/server/api/auth/login/index.ts b/server/api/auth/login/index.ts
index 693cbb1a..b150cd00 100644
--- a/server/api/auth/login/index.ts
+++ b/server/api/auth/login/index.ts
@@ -12,7 +12,9 @@ export default async (
 	req: Request,
 	matchedRoute: MatchedRoute
 ): Promise<Response> => {
-	const scopes = matchedRoute.query.scopes.replaceAll("+", " ").split(" ");
+	const scopes = (matchedRoute.query.scopes || "")
+		.replaceAll("+", " ")
+		.split(" ");
 	const redirect_uri = matchedRoute.query.redirect_uri;
 	const response_type = matchedRoute.query.response_type;
 	const client_id = matchedRoute.query.client_id;
@@ -54,10 +56,5 @@ export default async (
 	await token.save();
 
 	// Redirect back to application
-	return new Response(null, {
-		status: 302,
-		headers: {
-			Location: `${redirect_uri}?code=${token.code}`,
-		},
-	});
+	return Response.redirect(`${redirect_uri}?code=${token.code}`);
 };
diff --git a/tests/oauth.test.ts b/tests/oauth.test.ts
index 985d0c99..baf4e202 100644
--- a/tests/oauth.test.ts
+++ b/tests/oauth.test.ts
@@ -76,11 +76,11 @@ describe("POST /auth/login/", () => {
 			{
 				method: "POST",
 				body: formData,
+				redirect: "manual",
 			}
 		);
-
 		expect(response.status).toBe(302);
-		expect(response.headers.get("location")).toMatch(
+		expect(response.headers.get("Location")).toMatch(
 			/https:\/\/example.com\?code=/
 		);
 
@@ -108,13 +108,16 @@ describe("POST /v1/oauth/token/", () => {
 			}
 		);
 
+		// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
+		const json = await response.json();
+
 		expect(response.status).toBe(200);
 		expect(response.headers.get("content-type")).toBe("application/json");
-		expect(await response.json()).toEqual({
+		expect(json).toEqual({
 			access_token: expect.any(String),
-			token_type: "bearer",
+			token_type: "Bearer",
 			scope: "read write",
-			created_at: expect.any(Number),
+			created_at: expect.any(String),
 		});
 	});
 });