Fix auth redirects for /dreamgirl subpath

Make login/logout and redirects work when deployed under a subdirectory (e.g. /dreamgirl).

Co-authored-by: Cursor <cursoragent@cursor.com>

auth/auth.php

@@ -42,9 +42,23 @@ function dreamgirl_check_credentials(string $username, string $password): bool {
   return hash_equals($expectedSha256, $gotSha256);
 }
 
+function dreamgirl_base_path(): string {
+  // If deployed under /dreamgirl, SCRIPT_NAME is like /dreamgirl/index.php
+  // If at web root, SCRIPT_NAME is like /index.php
+  $script = isset($_SERVER['SCRIPT_NAME']) ? (string)$_SERVER['SCRIPT_NAME'] : '';
+  $dir = rtrim(str_replace('\\', '/', dirname($script)), '/');
+  return ($dir === '' || $dir === '.') ? '' : $dir;
+}
+
+function dreamgirl_url(string $path): string {
+  $base = dreamgirl_base_path();
+  $p = ltrim($path, '/');
+  return $base . '/' . $p;
+}
+
 function dreamgirl_require_login_page(): void {
   if (dreamgirl_is_logged_in()) return;
-  header('Location: /login.php');
+  header('Location: ' . dreamgirl_url('login.php'));
   exit;
 }