auth: smart login/logout redirect back to original page

Login link now includes callbackUrl for the current page. Logout
redirects intelligently: stays on public pages, falls back to the
recipe detail for /edit/[name], to the recipe root for auth-only
sub-routes (add, favorites, to-try, admin), and to / for cospend.

src/routes/[recipeLang=recipeLang]/favorites/+page.server.ts

@@ -6,7 +6,8 @@ export const load: PageServerLoad = async ({ fetch, locals, params }) => {
     const session = await locals.auth();
 
     if (!session?.user?.nickname) {
-        throw redirect(302, `/${params.recipeLang}`);
+        const callbackUrl = encodeURIComponent(`/${params.recipeLang}/favorites`);
+        throw redirect(302, `/login?callbackUrl=${callbackUrl}`);
     }
 
     try {

src/routes/[recipeLang=recipeLang]/to-try/+page.server.ts

@@ -6,7 +6,12 @@ import { dbConnect } from '$utils/db';
 export const load: PageServerLoad = async ({ locals, params }) => {
     const session = await locals.auth();
 
-    if (!session?.user?.groups?.includes('rezepte_users')) {
+    if (!session?.user) {
+        const callbackUrl = encodeURIComponent(`/${params.recipeLang}/to-try`);
+        throw redirect(302, `/login?callbackUrl=${callbackUrl}`);
+    }
+
+    if (!session.user.groups?.includes('rezepte_users')) {
         throw redirect(302, `/${params.recipeLang}`);
     }