wide comet
Hello, I am hoping this is just a simple issue that I am missing something but by how I am readying the documentation I believe something is not adding up. The custom domains docs say that to avoid the browser blocking the sending of cookies, the appwrite domain should be under the same domain as the web apps domain.
I my project is a webapp using a mix of the Appwrite cloud (for auth, database, and soon realtime) and a selfhosted nodejs express server. The selfhosted server is accessible from the internet through my Nginx Proxy Manager setup, as is all my other services. I added and verified the custom domain for "api.cards.mydomain.com". When the client accesses my webapp at "cards.mydomain.com" and authenticate using the client sdk's account.createEmailPasswordSession, the cookie that is set on the browser is set to the Domain ".api.cards.mydomain.com" which I believe is correct based how I read the documentation on it.
This is believe is the problem though. Because the domain on the cookie is ".api.cards.mydomain.com" only that exact domain and subdomains of it can access the cookie. When trying to get the req.cookies on the server app it returns empty. Checking the request the browser sent it shows that it did not include those cookies. This is the understanding I got by reading the MDN docs on how cookies are used which is contradicting how I understood the appwrite docs.
I am really hoping someone can clear this up for me because I am not seeing how to move forward with how these seem to be in conflict. I would be open to adding a custom location to my Nginx proxy manager to point /api/ to the appwrite cloud endpoint but would need help with that if it is the better way to go (I did give it a brief shot but it was then giving Fastly SSL errors but that is a separate issue).
Thanks!
Sources:
https://appwrite.io/docs/advanced/platform/custom-domains
https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cookies
crystal holly