It removes the allowedOrigin middleware from the /api/logout endpoint, which checks for the presence of a organizationId param, which we don't need for this endpoint
It fixes a bug with the forgot password endpoint to differentiate b/w sdk clients and internal (squeak.cloud) clients, using a default email config for squeak.cloud client requests
Sets the cookie domain to the origin of the requesting site. For example, sessions that originate on posthog.com will not carry over to squeak.cloud cc @corywatilo
This PR includes three changes:
allowedOrigin
middleware from the/api/logout
endpoint, which checks for the presence of aorganizationId
param, which we don't need for this endpoint