fix(WEB-132): absolute seamless login return urls

app/[lang]/(live)/(public)/login/route.ts

@@ -3,7 +3,7 @@ import { AuthError } from "next-auth"
 
 import { Lang } from "@/constants/languages"
 import { env } from "@/env/server"
-import { badRequest, internalServerError } from "@/server/errors/next"
+import { badRequest } from "@/server/errors/next"
 
 import { signIn } from "@/auth"
 
@@ -11,21 +11,41 @@ export async function GET(
   request: NextRequest,
   context: { params: { lang: Lang } }
 ) {
+  let redirectHeaders: Headers | undefined = undefined
+  let redirectTo: string
+
   const returnUrl = request.headers.get("x-returnurl")
+  if (returnUrl) {
+    // Seamless login request from Current web
+    redirectTo = returnUrl
+  } else {
+    // Normal login request from New web
+    redirectTo =
+      request.cookies.get("redirectTo")?.value || // Cookie gets set by authRequired middleware
+      request.headers.get("x-redirect-to") ||
+      request.nextUrl.searchParams.get("redirectTo") ||
+      request.headers.get("Referer") ||
+      ""
 
-  // If all else fails, always redirect to startpage
-  const finalDestination =
-    returnUrl ||
-    request.headers.get("x-redirect-to") ||
-    request.nextUrl.searchParams.get("redirectTo") ||
-    request.headers.get("Referer") ||
-    "/"
+    // If above fails, always redirect to startpage
+    if (!redirectTo) {
+      const proto = request.headers.get("x-forwarded-proto") ?? "http"
+      const host =
+        request.headers.get("x-forwarded-host") ??
+        request.headers.get("host") ??
+        env.URL
+      redirectTo = `${proto}://${host}/`
+    }
+
+    // Clean up cookie from authRequired middleware
+    redirectHeaders = new Headers()
+    redirectHeaders.append(
+      "set-cookie",
+      "redirectTo=; Expires=Thu, 01 Jan 1970 00:00:00 UTC; Path=/; HttpOnly; SameSite=Lax"
+    )
 
-  let redirectTo = finalDestination
-  if (!returnUrl) {
-    // This is a regular login request, not a seamless login request
-    // We should initiate the seamless login flow
     try {
+      // Initiate the seamless login flow
       let redirectUrlValue
       switch (context.params.lang) {
         case Lang.da:
@@ -48,12 +68,13 @@ export async function GET(
           break
       }
       const redirectUrl = new URL(redirectUrlValue)
-      redirectUrl.searchParams.set("returnurl", finalDestination)
+      redirectUrl.searchParams.set("returnurl", redirectTo)
       redirectTo = redirectUrl.toString()
     } catch (e) {
-      console.error("Unable to create URL for seamless login")
+      console.error(
+        "Unable to create URL for seamless login, proceeding without it."
+      )
       console.error(e)
-      return internalServerError()
     }
   }
 
@@ -63,7 +84,7 @@ export async function GET(
      * automatically redirecting to it inside of `signIn`.
      * https://github.com/nextauthjs/next-auth/blob/3c035ec/packages/next-auth/src/lib/actions.ts#L76
      */
-    const url = await signIn(
+    const redirectUrl = await signIn(
       "curity",
       {
         redirectTo,
@@ -74,8 +95,10 @@ export async function GET(
       }
     )
 
-    if (url) {
-      return NextResponse.redirect(url)
+    if (redirectUrl) {
+      return NextResponse.redirect(redirectUrl, {
+        headers: redirectHeaders,
+      })
     }
   } catch (error) {
     if (error instanceof AuthError) {