It removes the allowedOrigin middleware from the /api/logout endpoint, which checks for the presence of a organizationId param, which we don't need for this endpoint
It fixes a bug with the forgot password endpoint to differentiate b/w sdk clients and internal (squeak.cloud) clients, using a default email config for squeak.cloud client requests
Sets the cookie domain to the origin of the requesting site. For example, sessions that originate on posthog.com will not carry over to squeak.cloud cc @corywatilo
This PR includes three changes:
allowedOriginmiddleware from the/api/logoutendpoint, which checks for the presence of aorganizationIdparam, which we don't need for this endpoint