I think you have the right idea.
I personally use .replace when redirecting from an invalid url (or non relevant, i.e. redirect to “profile” page when a logged user goes to the “/login” url), so using the browser’s “back” button works properly for the end user.