fix(auth): use public url for redirect

app/[lang]/(live)/(protected)/logout/route.ts

@@ -13,7 +13,6 @@ export async function GET(request: NextRequest) {
     returnUrl ||
     request.headers.get("x-redirect-to") ||
     request.nextUrl.searchParams.get("redirectTo") ||
-    request.headers.get("Referer") ||
     "/"
 
   try {

middlewares/authRequired.ts

@@ -3,6 +3,7 @@ import { NextResponse } from "next/server"
 import { findLang } from "@/constants/languages"
 import { authRequired } from "@/constants/routes/authRequired"
 import { login } from "@/constants/routes/handleAuth"
+import { env } from "@/env/server"
 
 import { auth } from "@/auth"
 
@@ -45,13 +46,16 @@ export const middleware = auth(async (request) => {
     return NextResponse.next()
   }
 
+  const publicUrl = nextUrl.clone()
+  publicUrl.host = env.PUBLIC_URL!
+
   const headers = new Headers()
   headers.append(
     "set-cookie",
-    `redirectTo=${encodeURIComponent(nextUrl.href)}; Path=/; HttpOnly; SameSite=Lax`
+    `redirectTo=${encodeURIComponent(publicUrl.href)}; Path=/; HttpOnly; SameSite=Lax`
   )
   const loginUrl = login[lang]
-  return NextResponse.redirect(new URL(loginUrl, request.nextUrl), {
+  return NextResponse.redirect(new URL(loginUrl, publicUrl), {
     headers,
   })
 }) as NextMiddleware // See comment above