fix: remove returnurl since not used, remove double redirect when request coming from current web

app/[lang]/(live)/(protected)/logout/route.ts

@@ -14,32 +14,7 @@ export async function GET(
   context: { params: { lang: Lang } }
 ) {
   let redirectHeaders: Headers | undefined = undefined
-  let redirectTo: string
+  let redirectTo: string = ""
-
-  const returnUrl = request.headers.get("x-returnurl")
-
-  if (returnUrl) {
-    redirectTo = returnUrl
-  } else {
-    // Normal logout request from New web
-    redirectTo =
-      request.cookies.get("redirectTo")?.value || // Cookie gets set by authRequired middleware
-      request.nextUrl.searchParams.get("redirectTo") ||
-      "/"
-
-    // Make relative URL to absolute URL
-    if (redirectTo.startsWith("/")) {
-      if (!env.PUBLIC_URL) {
-        throw internalServerError("No value for env.PUBLIC_URL")
-      }
-      redirectTo = new URL(redirectTo, env.PUBLIC_URL).href
-    }
-    // Clean up cookie from authRequired middleware
-    redirectHeaders = new Headers()
-    redirectHeaders.append(
-      "set-cookie",
-      "redirectTo=; Expires=Thu, 01 Jan 1970 00:00:00 UTC; Path=/; HttpOnly; SameSite=Lax"
-    )
 
   try {
     // Initiate the seamless logout flow
@@ -65,15 +40,20 @@ export async function GET(
         break
     }
     const redirectUrl = new URL(redirectUrlValue)
-      redirectUrl.searchParams.set("returnurl", redirectTo)
+    if (request.nextUrl.searchParams.get("currentweb") != null) {
+      // Request coming from NEW web, redirect to current web logout
       redirectTo = redirectUrl.toString()
+    } else {
+      // Request coming from CURRENT web, redirect to current web start page
+      redirectTo = redirectUrl.origin
+    }
   } catch (e) {
     console.error(
       "Unable to create URL for seamless logout, proceeding without it."
     )
     console.error(e)
   }
-  }
+
   try {
     /**
      * Passing `redirect: false` to `signOut` will return a result object