fix: improve auth handling and logging

middlewares/authRequired.ts

@@ -49,9 +49,9 @@ export const middleware = auth(async (request) => {
   }
 
   const publicUrl = new URL(env.PUBLIC_URL)
-  const nextUrlClone = nextUrl.clone()
-  nextUrlClone.host = publicUrl.host
-  nextUrlClone.hostname = publicUrl.hostname
+  const nextUrlPublic = nextUrl.clone()
+  nextUrlPublic.host = publicUrl.host
+  nextUrlPublic.hostname = publicUrl.hostname
 
   /**
    * Function to validate MFA from token data
@@ -67,7 +67,7 @@ export const middleware = auth(async (request) => {
 
   if (isLoggedIn && isMFAPath && isMFAInvalid()) {
     const headers = new Headers(request.headers)
-    headers.set("x-returnurl", nextUrlClone.href)
+    headers.set("x-returnurl", nextUrlPublic.href)
     headers.set("x-login-source", "mfa")
     return NextResponse.rewrite(new URL(`/${lang}/login`, request.nextUrl), {
       request: {
@@ -87,13 +87,16 @@ export const middleware = auth(async (request) => {
   const headers = new Headers()
   headers.append(
     "set-cookie",
-    `redirectTo=${encodeURIComponent(nextUrlClone.href)}; Path=/; HttpOnly; SameSite=Lax`
+    `redirectTo=${encodeURIComponent(nextUrlPublic.href)}; Path=/; HttpOnly; SameSite=Lax`
   )
 
   const loginUrl = login[lang]
-  return NextResponse.redirect(new URL(loginUrl, nextUrlClone), {
+  const redirectUrl = new URL(loginUrl, nextUrlPublic)
+  const redirectOpts = {
     headers,
-  })
+  }
+  console.log(`[authRequired] redirecting to: ${redirectUrl}`, redirectOpts)
+  return NextResponse.redirect(redirectUrl, redirectOpts)
 }) as NextMiddleware // See comment above
 
 export const matcher: MiddlewareMatcher = (request) => {