[DEV-3756] Add redirect in middleware for authenticated user navigating to auth pages

[Sebastiano-Bertolin]

This pull request refactors the authentication redirect logic for guest pages by moving it from a React hook into middleware, ensuring unauthenticated users are properly redirected at the server level. It also improves the Amplify configuration to set cookie storage options dynamically based on the environment. The most important changes are grouped below:

List of Changes

Authentication redirect logic:

• Removed the useAuthenticatedUserRedirect React hook from user.helper.ts, eliminating client-side checks and redirects for authenticated users on guest pages.
• Removed usage of useAuthenticatedUserRedirect from the sign-up page component, simplifying the component logic.
• Added new middleware logic in middleware.ts to detect authenticated users accessing guest pages and redirect them to the locale root server-side, using the Cognito cookie for detection.

Amplify configuration improvements:

• Updated AuthProvider.tsx to configure Amplify with dynamic cookie storage settings when running in the browser, ensuring cookies are set correctly per domain and protocol.

Minor cleanup:

• Removed unused import of redirect from user.helper.ts.

Motivation and Context

How Has This Been Tested?

Screenshots (if appropriate):

Types of changes

• Chore (nothing changes by a user perspective)
• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist:

• My change requires a change to the documentation.
• I have updated the documentation accordingly.

[changeset-bot]

🦋 Changeset detected

Latest commit: 1d4c9dd

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
nextjs-website	Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[Copilot]

Pull request overview

This PR moves “authenticated user on guest/auth pages” redirect logic from client-side React hooks into Next.js middleware, and adjusts Amplify’s cookie storage configuration so auth cookies are set with environment-derived options in the browser.

Changes:

• Add middleware logic to detect an authenticated user (via Cognito cookie) visiting auth/guest routes and redirect them to the locale root.
• Remove the useAuthenticatedUserRedirect hook and its usage in the sign-up page.
• Configure Amplify Auth cookie storage dynamically (domain/secure) in the browser.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File	Description
apps/nextjs-website/src/middleware.ts	Adds guest-route detection and cookie-based redirect; keeps existing locale rewrite behavior.
apps/nextjs-website/src/helpers/user.helper.ts	Removes the client-side redirect hook and an unused import.
apps/nextjs-website/src/components/organisms/Auth/AuthProvider.tsx	Configures Amplify with runtime cookieStorage options in the browser.
apps/nextjs-website/src/app/[locale]/auth/sign-up/page.tsx	Removes the authenticated-user redirect hook usage and related “loading” gating.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[MarcoPonchia]

Changeset is missing

[marcobottaro]

If an authenticated user tries to navigate to /auth/sign-up (without the locale), the browser redirects to https://${locale}/ without the base path

[github-actions]

Branch is not up to date with base branch

@Sebastiano-Bertolin it seems this Pull Request is not updated with base branch.
Please proceed with a merge or rebase to solve this.

[github-actions]

Jira Pull Request Link

This Pull Request refers to the following Jira issue DEV-3756