From 8b0fba5014fa3c48acf44a5a3eacc60a6f9d7f22 Mon Sep 17 00:00:00 2001
From: jerick <jerick.oates@proton.me>
Date: Mon, 20 Apr 2026 16:35:47 -0400
Subject: [PATCH] fix: use req.url as redirect base so host is preserved

req.nextUrl.origin resolves to localhost inside the container.
Using req.url preserves the Host header the browser sent, so
redirects work when accessing via IP or any external hostname.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 src/middleware.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/middleware.ts b/src/middleware.ts
index 0f68a82..0a48526 100644
--- a/src/middleware.ts
+++ b/src/middleware.ts
@@ -72,13 +72,13 @@ export default auth((req) => {
     if (pathname.startsWith('/api/')) {
       return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
     }
-    const loginUrl = new URL('/login', req.nextUrl.origin)
+    const loginUrl = new URL('/login', req.url)
     loginUrl.searchParams.set('callbackUrl', pathname)
     return NextResponse.redirect(loginUrl)
   }
 
   if (pathname === '/login') {
-    return NextResponse.redirect(new URL('/dashboard', req.nextUrl.origin))
+    return NextResponse.redirect(new URL('/dashboard', req.url))
   }
 
   return NextResponse.next()