2👍
Messages are associated with a user via the session. But the session ID is stored in a cookie – and cookies are domain-specific. Yet the whole point of your middleware is to redirect from one domain to another. After redirection, the user will get a new cookie on the new domain.
In other words, this can’t possibly work as you have it now. The only alternative would be to put something in the GET parameters of the redirected request.
Source:stackexchange.com