Fix middleware redirect URLs missing basePath

- Use request.nextUrl.clone() instead of new URL() for redirects
- This preserves the /leopost basePath in redirect URLs
- Fixes 404 error when unauthenticated user visits /dashboard

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

middleware.ts

@@ -18,7 +18,9 @@ export async function middleware(request: NextRequest) {
   )
 
   if (isProtectedRoute && !user) {
-    const redirectUrl = new URL('/login/', request.url)
+    // Use nextUrl.clone() to preserve basePath in redirect
+    const redirectUrl = request.nextUrl.clone()
+    redirectUrl.pathname = '/login/'
     redirectUrl.searchParams.set('redirectTo', pathname)
     return NextResponse.redirect(redirectUrl)
   }
@@ -29,7 +31,10 @@ export async function middleware(request: NextRequest) {
   )
 
   if (isAuthRoute && user) {
-    return NextResponse.redirect(new URL('/dashboard/', request.url))
+    // Use nextUrl.clone() to preserve basePath in redirect
+    const url = request.nextUrl.clone()
+    url.pathname = '/dashboard/'
+    return NextResponse.redirect(url)
   }
 
   return supabaseResponse