fix: send searchparams in rewrite

app/[lang]/webview/refresh/page.module.css

@@ -0,0 +1,7 @@
+.container {
+  display: flex;
+  flex-direction: column;
+  align-items: center;
+  justify-content: center;
+  height: 100vh;
+}

app/[lang]/webview/refresh/page.tsx

@@ -1,3 +1,11 @@
+import LoadingSpinner from "@/components/LoadingSpinner"
+
+import styles from "./page.module.css"
+
 export default function Refresh() {
-  return <div>Hey you&apos;ve been refreshed</div>
+  return (
+    <div className={styles.container}>
+      <LoadingSpinner />
+    </div>
+  )
 }

lib/trpc/server.ts

@@ -1,7 +1,9 @@
 import { TRPCError } from "@trpc/server"
 import { redirect } from "next/navigation"
+import { NextResponse } from "next/server"
 
 import { Lang } from "@/constants/languages"
+import { env } from "@/env/server"
 import { appRouter } from "@/server"
 import { createContext } from "@/server/context"
 import { internalServerError } from "@/server/errors/next"
@@ -30,10 +32,12 @@ export function serverClient() {
               "Unautorized in webview, redirecting to: ",
               redirectUrl
             )
+
             redirect(redirectUrl)
           }
 
           const pathname = ctx?.pathname || "/"
+
           redirect(
             `/${lang}/login?redirectTo=${encodeURIComponent(`/${lang}/${pathname}`)}`
           )

middlewares/webView.ts

@@ -23,11 +23,17 @@ export const middleware: NextMiddleware = async (request) => {
 
   // If user is redirected to /lang/webview/refresh/, the webview token is invalid and we remove the cookie
   if (refreshWebviews.includes(nextUrl.pathname)) {
-    return NextResponse.rewrite(new URL(`/${lang}/webview/refresh`, nextUrl), {
-      headers: {
-        "Set-Cookie": `webviewToken=0; Max-Age=0; Secure; HttpOnly; Path=/; SameSite=Strict;`,
-      },
-    })
+    return NextResponse.rewrite(
+      new URL(
+        `/${lang}/webview/refresh?${nextUrl.searchParams.toString()}`,
+        nextUrl
+      ),
+      {
+        headers: {
+          "Set-Cookie": `webviewToken=0; Max-Age=0; Secure; HttpOnly; Path=/; SameSite=Strict;`,
+        },
+      }
+    )
   }
 
   const pathNameWithoutLang = nextUrl.pathname.replace(`/${lang}/webview`, "")
@@ -73,6 +79,7 @@ export const middleware: NextMiddleware = async (request) => {
     // It should be base64 encoded
     const authorization = request.headers.get("Authorization")!
     if (!authorization) {
+      console.error("Authorization header is missing")
       return badRequest()
     }
 
@@ -80,6 +87,7 @@ export const middleware: NextMiddleware = async (request) => {
     // It should be base64 encoded
     const initializationVector = request.headers.get("X-AES-IV")!
     if (!initializationVector) {
+      console.error("initializationVector header is missing")
       return badRequest()
     }