I'd probably set up the authentication server behavior to redirect to an operator.php page that can just have two restrict access rules to redirect to the appropriate page based on the value of the saved session variable.
So the login takes them to operator.php which is a blank page that has three redirect rules. If they aren't logged it it takes them to the login page, then two more to check the value of the session variable and redirect to the correct page.