diff --git a/apps/web/src/actions/auth.test.ts b/apps/web/src/actions/auth.test.ts
index ddd7702..56b5d36 100644
--- a/apps/web/src/actions/auth.test.ts
+++ b/apps/web/src/actions/auth.test.ts
@@ -15,7 +15,7 @@ const {
   findUserMock: vi.fn(),
   headersGetMock: vi.fn(() => "127.0.0.1"),
   checkRateLimitMock: vi.fn(),
-  redirectMock: vi.fn(() => {
+  redirectMock: vi.fn((_path: string) => {
     throw new Error("redirect");
   }),
   loggerMock: { warn: vi.fn(), info: vi.fn() },
@@ -28,7 +28,7 @@ vi.mock("next/headers", () => ({
   }),
 }));
 vi.mock("next/navigation", () => ({
-  redirect: (...a: unknown[]) => redirectMock(...a),
+  redirect: (path: string) => redirectMock(path),
 }));
 vi.mock("@/lib/db", () => ({
   db: {
@@ -52,7 +52,7 @@ beforeEach(() => {
   checkRateLimitMock.mockReset();
   checkRateLimitMock.mockResolvedValue({ limited: false, count: 1 });
   redirectMock.mockReset();
-  redirectMock.mockImplementation(() => {
+  redirectMock.mockImplementation((_path: string) => {
     throw new Error("redirect");
   });
   loggerMock.warn.mockReset();
diff --git a/apps/web/src/actions/auth.ts b/apps/web/src/actions/auth.ts
index 3608579..93a84ae 100644
--- a/apps/web/src/actions/auth.ts
+++ b/apps/web/src/actions/auth.ts
@@ -106,11 +106,15 @@ export async function loginAction(formData: FormData): Promise<LoginResult> {
     maxAge: DEFAULT_TTL_SECONDS,
   });
 
-  redirect(safeRedirect(next));
+  // Typed-routes is on (next.config.ts experimental.typedRoutes); the
+  // `next` value is a runtime string from the form so we cast through any.
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  redirect(safeRedirect(next) as any);
 }
 
 export async function logoutAction(): Promise<void> {
   const jar = await cookies();
   jar.delete(COOKIE_NAME);
-  redirect("/login");
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  redirect("/login" as any);
 }