fix(middleware): use relative URL for sign-in page callbackUrl (#4534)

bboyz269 · sa-codymai · ThangHuuVu · web-flow · commit 75602a3f047e · 2022-05-31T18:14:24.000+02:00
* Use relative URL for middleware's signin callbackUrl

* Include params to callbackUrl if any

* For testing purpose, append params to existing link for test instead of create another one

* Update apps/dev/components/header.js

Co-authored-by: CODY Mai &lt;nhan.mai@shiftasia.com&gt;
Co-authored-by: Thang Vu &lt;31528554+ThangHuuVu@users.noreply.github.com&gt;
diff --git a/packages/next-auth/src/next/middleware.ts b/packages/next-auth/src/next/middleware.ts
@@ -101,7 +101,7 @@ async function handleMiddleware(
 
   // the user is not logged in, redirect to the sign-in page
   const signInUrl = new URL(signInPage, req.nextUrl.origin)
-  signInUrl.searchParams.append("callbackUrl", req.url)
+  signInUrl.searchParams.append("callbackUrl", `${req.nextUrl.pathname}${req.nextUrl.search}`)
   return NextResponse.redirect(signInUrl)
 }
 

Original file line number	Diff line number	Diff line change
`@@ -101,7 +101,7 @@ async function handleMiddleware(`
`101`	`101`
`102`	`102`	`// the user is not logged in, redirect to the sign-in page`
`103`	`103`	`const signInUrl = new URL(signInPage, req.nextUrl.origin)`
`104`		`- signInUrl.searchParams.append("callbackUrl", req.url)`
	`104`	+ signInUrl.searchParams.append("callbackUrl", `${req.nextUrl.pathname}${req.nextUrl.search}`)
`105`	`105`	`return NextResponse.redirect(signInUrl)`
`106`	`106`	`}`
`107`	`107`