Merge branch 'master' of github.com:appwrite/appwrite into database-ui

app/app.php

@@ -16,6 +16,7 @@ use Database\Database;
 use Database\Document;
 use Database\Validator\Authorization;
 use Event\Event;
+use Utopia\Domains\Domain;
 use Utopia\Validator\WhiteList;
 
 /*
@@ -52,15 +53,22 @@ $clients = array_unique(array_merge($clientsConsole, array_map(function ($node)
         return false;
     }))));
 
-$utopia->init(function () use ($utopia, $request, $response, &$user, $project, $roles, $webhook, $audit, $usage, $domain, $clients, $protocol) {
+$utopia->init(function () use ($utopia, $request, $response, &$user, $project, $roles, $webhook, $audit, $usage, $domain, $clients, &$domainVerification) {
     
     $route = $utopia->match($request);
 
     $referrer = $request->getServer('HTTP_REFERER', '');
     $origin = parse_url($request->getServer('HTTP_ORIGIN', $referrer), PHP_URL_HOST);
+    $protocol = parse_url($request->getServer('HTTP_ORIGIN', $referrer), PHP_URL_SCHEME);
+    $port = parse_url($request->getServer('HTTP_ORIGIN', $referrer), PHP_URL_PORT);
 
     $refDomain = $protocol.'://'.((in_array($origin, $clients))
-        ? $origin : 'localhost');
+        ? $origin : 'localhost') . (!empty($port) ? ':'.$port : '');
+
+    $selfDomain = new Domain($domain);
+    $endDomain = new Domain($origin);
+
+    $domainVerification = ($selfDomain->getRegisterable() === $endDomain->getRegisterable());
 
     /*
      * Security Headers
@@ -230,7 +238,7 @@ $utopia->shutdown(function () use ($response, $request, $webhook, $audit, $usage
     }
 });
 
-$utopia->options(function () use ($request, $response, $domain, $project) {
+$utopia->options(function () use ($request, $response) {
     $origin = $request->getServer('HTTP_ORIGIN');
 
     $response

app/controllers/api/account.php

@@ -150,7 +150,7 @@ $utopia->post('/v1/account/sessions')
     ->param('email', '', function () { return new Email(); }, 'User email.')
     ->param('password', '', function () { return new Password(); }, 'User password.')
     ->action(
-        function ($email, $password) use ($response, $request, $projectDB, $audit, $webhook, $protocol) {
+        function ($email, $password) use ($response, $request, $projectDB, $audit, $webhook, $protocol, $domainVerification) {
             $profile = $projectDB->getCollection([ // Get user by email address
                 'limit' => 1,
                 'first' => true,
@@ -210,11 +210,16 @@ $utopia->post('/v1/account/sessions')
                 ->setParam('event', 'account.sessions.create')
                 ->setParam('resource', 'users/'.$profile->getId())
             ;
+
+            if(!$domainVerification) {
+                $response
+                    ->addHeader('X-Fallback-Cookies', json_encode([Auth::$cookieName => Auth::encodeSession($profile->getId(), $secret)]))
+                ;
+            }
             
             $response
                 ->addCookie(Auth::$cookieName.'_legacy', Auth::encodeSession($profile->getId(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $protocol), true, null)
                 ->addCookie(Auth::$cookieName, Auth::encodeSession($profile->getId(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $protocol), true, COOKIE_SAMESITE)
-                ->addHeader('X-Fallback-Cookies', json_encode([Auth::$cookieName => Auth::encodeSession($profile->getId(), $secret)]))
                 ->setStatusCode(Response::STATUS_CODE_CREATED)
                 ->json($session->getArrayCopy(['$id', 'type', 'expire']))
             ;
@@ -294,7 +299,7 @@ $utopia->get('/v1/account/sessions/oauth2/:provider/redirect')
     ->param('code', '', function () { return new Text(1024); }, 'OAuth2 code.')
     ->param('state', '', function () { return new Text(2048); }, 'OAuth2 state params.', true)
     ->action(
-        function ($provider, $code, $state) use ($response, $request, $user, $projectDB, $project, $audit, $protocol) {
+        function ($provider, $code, $state) use ($response, $request, $user, $projectDB, $project, $audit, $protocol, $domainVerification) {
             $callback = $protocol.'://'.$request->getServer('HTTP_HOST').'/v1/account/sessions/oauth2/callback/'.$provider.'/'.$project->getId();
             $defaultState = ['success' => $project->getAttribute('url', ''), 'failure' => ''];
             $validateURL = new URL();
@@ -443,10 +448,15 @@ $utopia->get('/v1/account/sessions/oauth2/:provider/redirect')
                 ->setParam('data', ['provider' => $provider])
             ;
 
+            if(!$domainVerification) {
+                $response
+                    ->addHeader('X-Fallback-Cookies', json_encode([Auth::$cookieName => Auth::encodeSession($user->getId(), $secret)]))
+                ;
+            }
+
             $response
                 ->addCookie(Auth::$cookieName.'_legacy', Auth::encodeSession($user->getId(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $protocol), true, null)
                 ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $protocol), true, COOKIE_SAMESITE)
-                ->addHeader('X-Fallback-Cookies', json_encode([Auth::$cookieName => Auth::encodeSession($user->getId(), $secret)]))
                 ->redirect($state['success'])
             ;
         }
@@ -812,7 +822,7 @@ $utopia->delete('/v1/account')
     ->label('sdk.method', 'delete')
     ->label('sdk.description', '/docs/references/account/delete.md')
     ->action(
-        function () use ($response, $user, $projectDB, $audit, $webhook, $protocol) {
+        function () use ($response, $user, $projectDB, $audit, $webhook, $protocol, $domainVerification) {
             $user = $projectDB->updateDocument(array_merge($user->getArrayCopy(), [
                 'status' => Auth::USER_STATUS_BLOCKED,
             ]));
@@ -843,10 +853,15 @@ $utopia->delete('/v1/account')
                 ])
             ;
 
+            if(!$domainVerification) {
+                $response
+                    ->addHeader('X-Fallback-Cookies', json_encode([]))
+                ;
+            }
+
             $response
                 ->addCookie(Auth::$cookieName.'_legacy', '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $protocol), true, null)
                 ->addCookie(Auth::$cookieName, '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $protocol), true, COOKIE_SAMESITE)
-                ->addHeader('X-Fallback-Cookies', json_encode([]))
                 ->noContent()
             ;
         }
@@ -863,7 +878,7 @@ $utopia->delete('/v1/account/sessions/:sessionId')
     ->label('abuse-limit', 100)
     ->param('sessionId', null, function () { return new UID(); }, 'Session unique ID. Use the string \'current\' to delete the current device session.')
     ->action(
-        function ($sessionId) use ($response, $user, $projectDB, $webhook, $audit, $protocol) {
+        function ($sessionId) use ($response, $user, $projectDB, $webhook, $audit, $protocol, $domainVerification) {
             $sessionId = ($sessionId === 'current')
                     ? Auth::tokenVerify($user->getAttribute('tokens'), Auth::TOKEN_TYPE_LOGIN, Auth::$secret)
                     : $sessionId;
@@ -889,11 +904,16 @@ $utopia->delete('/v1/account/sessions/:sessionId')
                         ])
                     ;
 
+                    if(!$domainVerification) {
+                        $response
+                            ->addHeader('X-Fallback-Cookies', json_encode([]))
+                        ;
+                    }
+
                     if ($token->getAttribute('secret') == Auth::hash(Auth::$secret)) { // If current session delete the cookies too
                         $response
                             ->addCookie(Auth::$cookieName.'_legacy', '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $protocol), true, null)
                             ->addCookie(Auth::$cookieName, '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $protocol), true, COOKIE_SAMESITE)
-                            ->addHeader('X-Fallback-Cookies', json_encode([]))
                         ;
                     }
 
@@ -915,7 +935,7 @@ $utopia->delete('/v1/account/sessions')
     ->label('sdk.description', '/docs/references/account/delete-sessions.md')
     ->label('abuse-limit', 100)
     ->action(
-        function () use ($response, $user, $projectDB, $audit, $webhook, $protocol) {
+        function () use ($response, $user, $projectDB, $audit, $webhook, $protocol, $domainVerification) {
             $tokens = $user->getAttribute('tokens', []);
 
             foreach ($tokens as $token) { /* @var $token Document */
@@ -936,11 +956,16 @@ $utopia->delete('/v1/account/sessions')
                     ])
                 ;
 
+                if(!$domainVerification) {
+                    $response
+                        ->addHeader('X-Fallback-Cookies', json_encode([]))
+                    ;
+                }
+
                 if ($token->getAttribute('secret') == Auth::hash(Auth::$secret)) { // If current session delete the cookies too
                     $response
                         ->addCookie(Auth::$cookieName.'_legacy', '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $protocol), true, null)
                         ->addCookie(Auth::$cookieName, '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $protocol), true, COOKIE_SAMESITE)
-                        ->addHeader('X-Fallback-Cookies', json_encode([]))
                     ;
                 }
             }

app/controllers/api/teams.php

@@ -426,7 +426,7 @@ $utopia->patch('/v1/teams/:teamId/memberships/:inviteId/status')
     ->param('userId', '', function () { return new UID(); }, 'User unique ID.')
     ->param('secret', '', function () { return new Text(256); }, 'Secret key.')
     ->action(
-        function ($teamId, $inviteId, $userId, $secret) use ($response, $request, $user, $audit, $projectDB, $protocol) {
+        function ($teamId, $inviteId, $userId, $secret) use ($response, $request, $user, $audit, $projectDB, $protocol, $domainVerification) {
             $membership = $projectDB->getDocument($inviteId);
 
             if (empty($membership->getId()) || Database::SYSTEM_COLLECTION_MEMBERSHIPS != $membership->getCollection()) {
@@ -520,10 +520,15 @@ $utopia->patch('/v1/teams/:teamId/memberships/:inviteId/status')
                 ->setParam('resource', 'teams/'.$teamId)
             ;
 
+            if(!$domainVerification) {
+                $response
+                    ->addHeader('X-Fallback-Cookies', json_encode([Auth::$cookieName => Auth::encodeSession($user->getId(), $secret)]))
+                ;
+            }
+
             $response
                 ->addCookie(Auth::$cookieName.'_legacy', Auth::encodeSession($user->getId(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $protocol), true, null)
                 ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $protocol), true, COOKIE_SAMESITE)
-                ->addHeader('X-Fallback-Cookies', json_encode([Auth::$cookieName => Auth::encodeSession($user->getId(), $secret)]))
                 ->json(array_merge($membership->getArrayCopy([
                     '$id',
                     'userId',

app/init.php

@@ -48,6 +48,7 @@ $response = new Response();
  */
 $env = $request->getServer('_APP_ENV', App::ENV_TYPE_PRODUCTION);
 $domain = $request->getServer('HTTP_HOST', '');
+$domainVerification = false;
 $version = $request->getServer('_APP_VERSION', 'UNKNOWN');
 $providers = include __DIR__.'/../app/config/providers.php'; // OAuth2 providers list
 $platforms = include __DIR__.'/../app/config/platforms.php';

app/sdks/console-javascript/src/sdk.js

@@ -171,6 +171,10 @@
                     path = addParam(path, globalParams[i].key, globalParams[i].value);
                 }
 
+                if(window.localStorage && window.localStorage.getItem('cookieFallback')) {
+                    headers['X-Fallback-Cookies'] = window.localStorage.getItem('cookieFallback');
+                }
+
                 for (let key in globalHeaders) { // Add Global Headers
                     if (globalHeaders.hasOwnProperty(key)) {
                         if (!headers[globalHeaders[key].key]) {
@@ -233,6 +237,13 @@
                                     break;
                             }
 
+                            let cookieFallback = this.getResponseHeader('X-Fallback-Cookies') || '';
+                            
+                            if(window.localStorage && cookieFallback) {
+                                window.console.warn('Appwrite is using localStorage for session management. Increase your security by adding a custom domain as your API endpoint.');
+                                window.localStorage.setItem('cookieFallback', cookieFallback);
+                            }
+
                             resolve(data);
 
                         } else {
@@ -2342,11 +2353,11 @@
              * @param {string} name
              * @param {string} key
              * @param {string} store
-             * @param {string} url
+             * @param {string} hostname
              * @throws {Error}
              * @return {Promise}             
              */
-            createPlatform: function(projectId, type, name, key = '', store = '', url = '') {
+            createPlatform: function(projectId, type, name, key = '', store = '', hostname = '') {
                 if(projectId === undefined) {
                     throw new Error('Missing required parameter: "projectId"');
                 }
@@ -2379,8 +2390,8 @@
                     payload['store'] = store;
                 }
 
-                if(url) {
-                    payload['url'] = url;
+                if(hostname) {
+                    payload['hostname'] = hostname;
                 }
 
                 return http
@@ -2426,11 +2437,11 @@
              * @param {string} name
              * @param {string} key
              * @param {string} store
-             * @param {string} url
+             * @param {string} hostname
              * @throws {Error}
              * @return {Promise}             
              */
-            updatePlatform: function(projectId, platformId, name, key = '', store = '', url = '') {
+            updatePlatform: function(projectId, platformId, name, key = '', store = '', hostname = '') {
                 if(projectId === undefined) {
                     throw new Error('Missing required parameter: "projectId"');
                 }
@@ -2459,8 +2470,8 @@
                     payload['store'] = store;
                 }
 
-                if(url) {
-                    payload['url'] = url;
+                if(hostname) {
+                    payload['hostname'] = hostname;
                 }
 
                 return http

app/sdks/console-javascript/src/sdk.min.js

@@ -3,12 +3,14 @@ return str.join("&")};let addGlobalHeader=function(key,value){globalHeaders[key]
 if(typeof path!=='string'){throw new Error('var path must be of type string')}
 if(typeof headers!=='object'){throw new Error('var headers must be of type object')}
 for(i=0;i<globalParams.length;i++){path=addParam(path,globalParams[i].key,globalParams[i].value)}
+if(window.localStorage&&window.localStorage.getItem('cookieFallback')){headers['X-Fallback-Cookies']=window.localStorage.getItem('cookieFallback')}
 for(let key in globalHeaders){if(globalHeaders.hasOwnProperty(key)){if(!headers[globalHeaders[key].key]){headers[globalHeaders[key].key]=globalHeaders[key].value}}}
 if(method==='GET'){for(let param in params){if(param.hasOwnProperty(key)){path=addParam(path,key+(Array.isArray(param)?'[]':''),params[key])}}}
 switch(headers['content-type']){case 'application/json':params=JSON.stringify(params);break;case 'multipart/form-data':let formData=new FormData();Object.keys(params).forEach(function(key){let param=params[key];formData.append(key+(Array.isArray(param)?'[]':''),param)});params=formData;break}
 return new Promise(function(resolve,reject){let request=new XMLHttpRequest(),key;request.withCredentials=!0;request.open(method,path,!0);for(key in headers){if(headers.hasOwnProperty(key)){if(key==='content-type'&&headers[key]==='multipart/form-data'){continue}
 request.setRequestHeader(key,headers[key])}}
 request.onload=function(){if(4===request.readyState&&399>=request.status){let data=request.response;let contentType=this.getResponseHeader('content-type')||'';contentType=contentType.substring(0,contentType.indexOf(';'));switch(contentType){case 'application/json':data=JSON.parse(data);break}
+let cookieFallback=this.getResponseHeader('X-Fallback-Cookies')||'';if(window.localStorage&&cookieFallback){window.console.warn('Appwrite is using localStorage for session management. Increase your security by adding a custom domain as your API endpoint.');window.localStorage.setItem('cookieFallback',cookieFallback)}
 resolve(data)}else{reject(new Error(request.statusText))}};if(progress){request.addEventListener('progress',progress);request.upload.addEventListener('progress',progress,!1)}
 request.onerror=function(){reject(new Error("Network Error"))};request.send(params)})};return{'get':function(path,headers={},params={}){return call('GET',path+((Object.keys(params).length>0)?'?'+buildQuery(params):''),headers,{})},'post':function(path,headers={},params={},progress=null){return call('POST',path,headers,params,progress)},'put':function(path,headers={},params={},progress=null){return call('PUT',path,headers,params,progress)},'patch':function(path,headers={},params={},progress=null){return call('PATCH',path,headers,params,progress)},'delete':function(path,headers={},params={},progress=null){return call('DELETE',path,headers,params,progress)},'addGlobalParam':addGlobalParam,'addGlobalHeader':addGlobalHeader}}(window.document);let iframe=function(method,url,params){let form=document.createElement('form');form.setAttribute('method',method);form.setAttribute('action',config.endpoint+url);for(let key in params){if(params.hasOwnProperty(key)){let hiddenField=document.createElement("input");hiddenField.setAttribute("type","hidden");hiddenField.setAttribute("name",key);hiddenField.setAttribute("value",params[key]);form.appendChild(hiddenField)}}
 document.body.appendChild(form);return form.submit()};let account={get:function(){let path='/account';let payload={};return http.get(path,{'content-type':'application/json',},payload)},create:function(email,password,name=''){if(email===undefined){throw new Error('Missing required parameter: "email"')}
@@ -194,23 +196,23 @@ let path='/projects/{projectId}/oauth2'.replace(new RegExp('{projectId}','g'),pr
 if(appId){payload.appId=appId}
 if(secret){payload.secret=secret}
 return http.patch(path,{'content-type':'application/json',},payload)},listPlatforms:function(projectId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"')}
-let path='/projects/{projectId}/platforms'.replace(new RegExp('{projectId}','g'),projectId);let payload={};return http.get(path,{'content-type':'application/json',},payload)},createPlatform:function(projectId,type,name,key='',store='',url=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"')}
+let path='/projects/{projectId}/platforms'.replace(new RegExp('{projectId}','g'),projectId);let payload={};return http.get(path,{'content-type':'application/json',},payload)},createPlatform:function(projectId,type,name,key='',store='',hostname=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"')}
 if(type===undefined){throw new Error('Missing required parameter: "type"')}
 if(name===undefined){throw new Error('Missing required parameter: "name"')}
 let path='/projects/{projectId}/platforms'.replace(new RegExp('{projectId}','g'),projectId);let payload={};if(type){payload.type=type}
 if(name){payload.name=name}
 if(key){payload.key=key}
 if(store){payload.store=store}
-if(url){payload.url=url}
+if(hostname){payload.hostname=hostname}
 return http.post(path,{'content-type':'application/json',},payload)},getPlatform:function(projectId,platformId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"')}
 if(platformId===undefined){throw new Error('Missing required parameter: "platformId"')}
-let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);let payload={};return http.get(path,{'content-type':'application/json',},payload)},updatePlatform:function(projectId,platformId,name,key='',store='',url=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"')}
+let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);let payload={};return http.get(path,{'content-type':'application/json',},payload)},updatePlatform:function(projectId,platformId,name,key='',store='',hostname=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"')}
 if(platformId===undefined){throw new Error('Missing required parameter: "platformId"')}
 if(name===undefined){throw new Error('Missing required parameter: "name"')}
 let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);let payload={};if(name){payload.name=name}
 if(key){payload.key=key}
 if(store){payload.store=store}
-if(url){payload.url=url}
+if(hostname){payload.hostname=hostname}
 return http.put(path,{'content-type':'application/json',},payload)},deletePlatform:function(projectId,platformId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"')}
 if(platformId===undefined){throw new Error('Missing required parameter: "platformId"')}
 let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);let payload={};return http.delete(path,{'content-type':'application/json',},payload)},listTasks:function(projectId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"')}

app/sdks/flutter-dart/pubspec.yaml

@@ -1,7 +1,7 @@
 name: appwrite
 version: 0.0.6
 description: Appwrite backend as a service cuts up to 70% of the time and costs required for building a modern application. We abstract and simplify common development tasks behind a REST APIs, to help you develop your app in a fast and secure way. For full API documentation and tutorials go to [https://appwrite.io/docs](https://appwrite.io/docs)
-author: Appwrite Team <team@appwrite.io> 
+author: Appwrite Team <team@localhost.test> 
 homepage: https://github.com/appwrite/sdk-for-dart
 environment:
   sdk: '>=2.2.2 <3.0.0'

app/sdks/server-php/composer.json

@@ -5,7 +5,7 @@
     "license": "BSD-3-Clause",
     "support": {
         "url": "https://appwrite.io/support",
-        "email": "team@appwrite.io"
+        "email": "team@localhost.test"
     },
     "autoload": {
         "psr-4": {

app/sdks/server-python/setup.py

@@ -7,9 +7,9 @@ setuptools.setup(
   license='BSD-3-Clause',
   description = 'Appwrite backend as a service cuts up to 70% of the time and costs required for building a modern application. We abstract and simplify common development tasks behind a REST APIs, to help you develop your app in a fast and secure way. For full API documentation and tutorials go to [https://appwrite.io/docs](https://appwrite.io/docs)',
   author = 'Appwrite Team',
-  author_email = 'team@appwrite.io',
+  author_email = 'team@localhost.test',
   maintainer = 'Appwrite Team',
-  maintainer_email = 'team@appwrite.io',
+  maintainer_email = 'team@localhost.test',
   url = 'https://appwrite.io/support',
   download_url='https://github.com/appwrite/sdk-for-python/archive/0.0.3.tar.gz',
   # keywords = ['SOME', 'MEANINGFULL', 'KEYWORDS'],

app/sdks/server-ruby/appwrite.gemspec

@@ -5,7 +5,7 @@ Gem::Specification.new do |s|
   s.summary = "Appwrite backend as a service cuts up to 70% of the time and costs required for building a modern application. We abstract and simplify common development tasks behind a REST APIs, to help you develop your app in a fast and secure way. For full API documentation and tutorials go to [https://appwrite.io/docs](https://appwrite.io/docs)"
   s.author = 'Appwrite Team'
   s.homepage = 'https://appwrite.io/support'
-  s.email = 'team@appwrite.io'
+  s.email = 'team@localhost.test'
   s.files = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
  
 end

app/sdks/web-javascript/src/sdk.js

@@ -171,6 +171,10 @@
                     path = addParam(path, globalParams[i].key, globalParams[i].value);
                 }
 
+                if(window.localStorage && window.localStorage.getItem('cookieFallback')) {
+                    headers['X-Fallback-Cookies'] = window.localStorage.getItem('cookieFallback');
+                }
+
                 for (let key in globalHeaders) { // Add Global Headers
                     if (globalHeaders.hasOwnProperty(key)) {
                         if (!headers[globalHeaders[key].key]) {
@@ -233,6 +237,13 @@
                                     break;
                             }
 
+                            let cookieFallback = this.getResponseHeader('X-Fallback-Cookies') || '';
+                            
+                            if(window.localStorage && cookieFallback) {
+                                window.console.warn('Appwrite is using localStorage for session management. Increase your security by adding a custom domain as your API endpoint.');
+                                window.localStorage.setItem('cookieFallback', cookieFallback);
+                            }
+
                             resolve(data);
 
                         } else {

app/sdks/web-javascript/src/sdk.min.js

@@ -3,12 +3,14 @@ return str.join("&")};let addGlobalHeader=function(key,value){globalHeaders[key]
 if(typeof path!=='string'){throw new Error('var path must be of type string')}
 if(typeof headers!=='object'){throw new Error('var headers must be of type object')}
 for(i=0;i<globalParams.length;i++){path=addParam(path,globalParams[i].key,globalParams[i].value)}
+if(window.localStorage&&window.localStorage.getItem('cookieFallback')){headers['X-Fallback-Cookies']=window.localStorage.getItem('cookieFallback')}
 for(let key in globalHeaders){if(globalHeaders.hasOwnProperty(key)){if(!headers[globalHeaders[key].key]){headers[globalHeaders[key].key]=globalHeaders[key].value}}}
 if(method==='GET'){for(let param in params){if(param.hasOwnProperty(key)){path=addParam(path,key+(Array.isArray(param)?'[]':''),params[key])}}}
 switch(headers['content-type']){case 'application/json':params=JSON.stringify(params);break;case 'multipart/form-data':let formData=new FormData();Object.keys(params).forEach(function(key){let param=params[key];formData.append(key+(Array.isArray(param)?'[]':''),param)});params=formData;break}
 return new Promise(function(resolve,reject){let request=new XMLHttpRequest(),key;request.withCredentials=!0;request.open(method,path,!0);for(key in headers){if(headers.hasOwnProperty(key)){if(key==='content-type'&&headers[key]==='multipart/form-data'){continue}
 request.setRequestHeader(key,headers[key])}}
 request.onload=function(){if(4===request.readyState&&399>=request.status){let data=request.response;let contentType=this.getResponseHeader('content-type')||'';contentType=contentType.substring(0,contentType.indexOf(';'));switch(contentType){case 'application/json':data=JSON.parse(data);break}
+let cookieFallback=this.getResponseHeader('X-Fallback-Cookies')||'';if(window.localStorage&&cookieFallback){window.console.warn('Appwrite is using localStorage for session management. Increase your security by adding a custom domain as your API endpoint.');window.localStorage.setItem('cookieFallback',cookieFallback)}
 resolve(data)}else{reject(new Error(request.statusText))}};if(progress){request.addEventListener('progress',progress);request.upload.addEventListener('progress',progress,!1)}
 request.onerror=function(){reject(new Error("Network Error"))};request.send(params)})};return{'get':function(path,headers={},params={}){return call('GET',path+((Object.keys(params).length>0)?'?'+buildQuery(params):''),headers,{})},'post':function(path,headers={},params={},progress=null){return call('POST',path,headers,params,progress)},'put':function(path,headers={},params={},progress=null){return call('PUT',path,headers,params,progress)},'patch':function(path,headers={},params={},progress=null){return call('PATCH',path,headers,params,progress)},'delete':function(path,headers={},params={},progress=null){return call('DELETE',path,headers,params,progress)},'addGlobalParam':addGlobalParam,'addGlobalHeader':addGlobalHeader}}(window.document);let iframe=function(method,url,params){let form=document.createElement('form');form.setAttribute('method',method);form.setAttribute('action',config.endpoint+url);for(let key in params){if(params.hasOwnProperty(key)){let hiddenField=document.createElement("input");hiddenField.setAttribute("type","hidden");hiddenField.setAttribute("name",key);hiddenField.setAttribute("value",params[key]);form.appendChild(hiddenField)}}
 document.body.appendChild(form);return form.submit()};let account={get:function(){let path='/account';let payload={};return http.get(path,{'content-type':'application/json',},payload)},create:function(email,password,name=''){if(email===undefined){throw new Error('Missing required parameter: "email"')}

public/dist/scripts/app-all.js

@@ -202,23 +202,23 @@ let path='/projects/{projectId}/oauth2'.replace(new RegExp('{projectId}','g'),pr
 if(appId){payload['appId']=appId;}
 if(secret){payload['secret']=secret;}
 return http.patch(path,{'content-type':'application/json',},payload);},listPlatforms:function(projectId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
-let path='/projects/{projectId}/platforms'.replace(new RegExp('{projectId}','g'),projectId);let payload={};return http.get(path,{'content-type':'application/json',},payload);},createPlatform:function(projectId,type,name,key='',store='',url=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
+let path='/projects/{projectId}/platforms'.replace(new RegExp('{projectId}','g'),projectId);let payload={};return http.get(path,{'content-type':'application/json',},payload);},createPlatform:function(projectId,type,name,key='',store='',hostname=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
 if(type===undefined){throw new Error('Missing required parameter: "type"');}
 if(name===undefined){throw new Error('Missing required parameter: "name"');}
 let path='/projects/{projectId}/platforms'.replace(new RegExp('{projectId}','g'),projectId);let payload={};if(type){payload['type']=type;}
 if(name){payload['name']=name;}
 if(key){payload['key']=key;}
 if(store){payload['store']=store;}
-if(url){payload['url']=url;}
+if(hostname){payload['hostname']=hostname;}
 return http.post(path,{'content-type':'application/json',},payload);},getPlatform:function(projectId,platformId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
 if(platformId===undefined){throw new Error('Missing required parameter: "platformId"');}
-let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);let payload={};return http.get(path,{'content-type':'application/json',},payload);},updatePlatform:function(projectId,platformId,name,key='',store='',url=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
+let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);let payload={};return http.get(path,{'content-type':'application/json',},payload);},updatePlatform:function(projectId,platformId,name,key='',store='',hostname=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
 if(platformId===undefined){throw new Error('Missing required parameter: "platformId"');}
 if(name===undefined){throw new Error('Missing required parameter: "name"');}
 let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);let payload={};if(name){payload['name']=name;}
 if(key){payload['key']=key;}
 if(store){payload['store']=store;}
-if(url){payload['url']=url;}
+if(hostname){payload['hostname']=hostname;}
 return http.put(path,{'content-type':'application/json',},payload);},deletePlatform:function(projectId,platformId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
 if(platformId===undefined){throw new Error('Missing required parameter: "platformId"');}
 let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);let payload={};return http.delete(path,{'content-type':'application/json',},payload);},listTasks:function(projectId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}

public/dist/scripts/app-dep.js

@@ -202,23 +202,23 @@ let path='/projects/{projectId}/oauth2'.replace(new RegExp('{projectId}','g'),pr
 if(appId){payload['appId']=appId;}
 if(secret){payload['secret']=secret;}
 return http.patch(path,{'content-type':'application/json',},payload);},listPlatforms:function(projectId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
-let path='/projects/{projectId}/platforms'.replace(new RegExp('{projectId}','g'),projectId);let payload={};return http.get(path,{'content-type':'application/json',},payload);},createPlatform:function(projectId,type,name,key='',store='',url=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
+let path='/projects/{projectId}/platforms'.replace(new RegExp('{projectId}','g'),projectId);let payload={};return http.get(path,{'content-type':'application/json',},payload);},createPlatform:function(projectId,type,name,key='',store='',hostname=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
 if(type===undefined){throw new Error('Missing required parameter: "type"');}
 if(name===undefined){throw new Error('Missing required parameter: "name"');}
 let path='/projects/{projectId}/platforms'.replace(new RegExp('{projectId}','g'),projectId);let payload={};if(type){payload['type']=type;}
 if(name){payload['name']=name;}
 if(key){payload['key']=key;}
 if(store){payload['store']=store;}
-if(url){payload['url']=url;}
+if(hostname){payload['hostname']=hostname;}
 return http.post(path,{'content-type':'application/json',},payload);},getPlatform:function(projectId,platformId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
 if(platformId===undefined){throw new Error('Missing required parameter: "platformId"');}
-let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);let payload={};return http.get(path,{'content-type':'application/json',},payload);},updatePlatform:function(projectId,platformId,name,key='',store='',url=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
+let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);let payload={};return http.get(path,{'content-type':'application/json',},payload);},updatePlatform:function(projectId,platformId,name,key='',store='',hostname=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
 if(platformId===undefined){throw new Error('Missing required parameter: "platformId"');}
 if(name===undefined){throw new Error('Missing required parameter: "name"');}
 let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);let payload={};if(name){payload['name']=name;}
 if(key){payload['key']=key;}
 if(store){payload['store']=store;}
-if(url){payload['url']=url;}
+if(hostname){payload['hostname']=hostname;}
 return http.put(path,{'content-type':'application/json',},payload);},deletePlatform:function(projectId,platformId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
 if(platformId===undefined){throw new Error('Missing required parameter: "platformId"');}
 let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);let payload={};return http.delete(path,{'content-type':'application/json',},payload);},listTasks:function(projectId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}

public/scripts/dependencies/appwrite.js

@@ -166,7 +166,7 @@
                 if (typeof headers !== 'object') {
                     throw new Error('var headers must be of type object');
                 }
-                
+
                 for (i = 0; i < globalParams.length; i++) { // Add global params to URL
                     path = addParam(path, globalParams[i].key, globalParams[i].value);
                 }
@@ -2353,11 +2353,11 @@
              * @param {string} name
              * @param {string} key
              * @param {string} store
-             * @param {string} url
+             * @param {string} hostname
              * @throws {Error}
              * @return {Promise}             
              */
-            createPlatform: function(projectId, type, name, key = '', store = '', url = '') {
+            createPlatform: function(projectId, type, name, key = '', store = '', hostname = '') {
                 if(projectId === undefined) {
                     throw new Error('Missing required parameter: "projectId"');
                 }
@@ -2390,8 +2390,8 @@
                     payload['store'] = store;
                 }
 
-                if(url) {
-                    payload['url'] = url;
+                if(hostname) {
+                    payload['hostname'] = hostname;
                 }
 
                 return http
@@ -2437,11 +2437,11 @@
              * @param {string} name
              * @param {string} key
              * @param {string} store
-             * @param {string} url
+             * @param {string} hostname
              * @throws {Error}
              * @return {Promise}             
              */
-            updatePlatform: function(projectId, platformId, name, key = '', store = '', url = '') {
+            updatePlatform: function(projectId, platformId, name, key = '', store = '', hostname = '') {
                 if(projectId === undefined) {
                     throw new Error('Missing required parameter: "projectId"');
                 }
@@ -2470,8 +2470,8 @@
                     payload['store'] = store;
                 }
 
-                if(url) {
-                    payload['url'] = url;
+                if(hostname) {
+                    payload['hostname'] = hostname;
                 }
 
                 return http

public/styles/typography.less

@@ -79,6 +79,14 @@ small {
   font-weight: 400!important;
 }
 
+.text-bold-large {
+  font-weight: 500!important;
+}
+
+.text-bold-xl {
+  font-weight: 600!important;
+}
+
 .text-danger {
   color: var(--config-color-danger)!important;
 }