fix: set lastProductId cookie in proxy instead of Server Component

Cookies can only be written in Server Actions or Route Handlers.
Moved the write to proxy.ts where NextResponse.cookies.set is allowed.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

app/(app)/products/[id]/solo/page.tsx

@@ -1,7 +1,6 @@
 import { notFound, redirect } from 'next/navigation'
 import { getSession } from '@/lib/auth'
 import { getAccessibleProduct } from '@/lib/product-access'
-import { setLastProductCookie } from '@/lib/cookies'
 import { prisma } from '@/lib/prisma'
 import { SoloBoard } from '@/components/solo/solo-board'
 import { NoActiveSprint } from '@/components/solo/no-active-sprint'
@@ -20,8 +19,6 @@ export default async function SoloProductPage({ params }: Props) {
   const product = await getAccessibleProduct(id, session.userId)
   if (!product) notFound()
 
-  await setLastProductCookie(id)
-
   const sprint = await prisma.sprint.findFirst({
     where: { product_id: id, status: 'ACTIVE' },
   })

proxy.ts

@@ -5,6 +5,9 @@ import { sessionOptions } from '@/lib/session'
 const protectedRoutes = ['/dashboard', '/products', '/todos', '/settings', '/solo']
 const authRoutes = ['/login', '/register']
 
+const SOLO_ROUTE = /^\/products\/([^/]+)\/solo$/
+const THIRTY_DAYS_SECONDS = 60 * 60 * 24 * 30
+
 export function proxy(request: NextRequest) {
   const path = request.nextUrl.pathname
   const isProtected = protectedRoutes.some(r => path.startsWith(r))
@@ -21,7 +24,20 @@ export function proxy(request: NextRequest) {
     return NextResponse.redirect(new URL('/dashboard', request.url))
   }
 
-  return NextResponse.next()
+  const response = NextResponse.next()
+
+  // Remember last visited product for /solo redirect
+  const soloMatch = path.match(SOLO_ROUTE)
+  if (soloMatch) {
+    response.cookies.set('lastProductId', soloMatch[1], {
+      httpOnly: true,
+      sameSite: 'lax',
+      maxAge: THIRTY_DAYS_SECONDS,
+      path: '/',
+    })
+  }
+
+  return response
 }
 
 export const config = {