Define Scope for redirecting user to profile page if not admin
Use the existing variable this.admin in the auth.js to first define on login whether the user is in the admin scope or not. Then in the redirect send the user to the "/admin/user".
The non admin user should not be allowed to visit any other user's profile or see the list of users by changing the path in the address bar of the browser.
Edited by Larbi Gharib