Merge pull request #142 from appwrite/dev

abnegate · web-flow · commit 0c95b17c0138 · 2025-10-08T18:56:11.000+13:00
feat: Web SDK update for version 21.1.0
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Change Log
 
+## 21.1.0
+
+* Deprecate `createVerification` method in `Account` service
+* Add `createEmailVerification` method in `Account` service
+
 ## 18.2.0
 
 * Add `incrementDocumentAttribute` and `decrementDocumentAttribute` support to `Databases` service
diff --git a/README.md b/README.md
@@ -33,7 +33,7 @@ import { Client, Account } from "appwrite";
 To install with a CDN (content delivery network) add the following scripts to the bottom of your <body> tag, but before you use any Appwrite services:
 
 ```html
-<script src="https://cdn.jsdelivr.net/npm/appwrite@21.0.0"></script>
+<script src="https://cdn.jsdelivr.net/npm/appwrite@21.1.0"></script>
 ```
 
 
diff --git a/docs/examples/account/create-email-verification.md b/docs/examples/account/create-email-verification.md
@@ -0,0 +1,13 @@
+import { Client, Account } from "appwrite";
+
+const client = new Client()
+    .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
+    .setProject('<YOUR_PROJECT_ID>'); // Your project ID
+
+const account = new Account(client);
+
+const result = await account.createEmailVerification({
+    url: 'https://example.com'
+});
+
+console.log(result);
diff --git a/docs/examples/account/update-email-verification.md b/docs/examples/account/update-email-verification.md
@@ -0,0 +1,14 @@
+import { Client, Account } from "appwrite";
+
+const client = new Client()
+    .setEndpoint('https://<REGION>.cloud.appwrite.io/v1') // Your API Endpoint
+    .setProject('<YOUR_PROJECT_ID>'); // Your project ID
+
+const account = new Account(client);
+
+const result = await account.updateEmailVerification({
+    userId: '<USER_ID>',
+    secret: '<SECRET>'
+});
+
+console.log(result);
diff --git a/package.json b/package.json
@@ -2,7 +2,7 @@
   "name": "appwrite",
   "homepage": "https://appwrite.io/support",
   "description": "Appwrite is an open-source self-hosted backend server that abstract and simplify complex and repetitive development tasks behind a very simple REST API",
-  "version": "21.0.0",
+  "version": "21.1.0",
   "license": "BSD-3-Clause",
   "main": "dist/cjs/sdk.js",
   "exports": {
diff --git a/src/client.ts b/src/client.ts
@@ -316,7 +316,7 @@ class Client {
         'x-sdk-name': 'Web',
         'x-sdk-platform': 'client',
         'x-sdk-language': 'web',
-        'x-sdk-version': '21.0.0',
+        'x-sdk-version': '21.1.0',
         'X-Appwrite-Response-Format': '1.8.0',
     };
 
diff --git a/src/services/account.ts b/src/services/account.ts
@@ -2732,6 +2732,68 @@ export class Account {
      * @throws {AppwriteException}
      * @returns {Promise<Models.Token>}
      */
+    createEmailVerification(params: { url: string  }): Promise<Models.Token>;
+    /**
+     * Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https://appwrite.io/docs/references/cloud/client-web/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.
+     * 
+     * Please note that in order to avoid a [Redirect Attack](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.
+     * 
+     *
+     * @param {string} url - URL to redirect the user back to your app from the verification email. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.
+     * @throws {AppwriteException}
+     * @returns {Promise<Models.Token>}
+     * @deprecated Use the object parameter style method for a better developer experience.
+     */
+    createEmailVerification(url: string): Promise<Models.Token>;
+    createEmailVerification(
+        paramsOrFirst: { url: string } | string    
+    ): Promise<Models.Token> {
+        let params: { url: string };
+        
+        if ((paramsOrFirst && typeof paramsOrFirst === 'object' && !Array.isArray(paramsOrFirst))) {
+            params = (paramsOrFirst || {}) as { url: string };
+        } else {
+            params = {
+                url: paramsOrFirst as string            
+            };
+        }
+        
+        const url = params.url;
+
+        if (typeof url === 'undefined') {
+            throw new AppwriteException('Missing required parameter: "url"');
+        }
+
+        const apiPath = '/account/verifications/email';
+        const payload: Payload = {};
+        if (typeof url !== 'undefined') {
+            payload['url'] = url;
+        }
+        const uri = new URL(this.client.config.endpoint + apiPath);
+
+        const apiHeaders: { [header: string]: string } = {
+            'content-type': 'application/json',
+        }
+
+        return this.client.call(
+            'post',
+            uri,
+            apiHeaders,
+            payload
+        );
+    }
+
+    /**
+     * Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https://appwrite.io/docs/references/cloud/client-web/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.
+     * 
+     * Please note that in order to avoid a [Redirect Attack](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.md), the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.
+     * 
+     *
+     * @param {string} params.url - URL to redirect the user back to your app from the verification email. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.
+     * @throws {AppwriteException}
+     * @returns {Promise<Models.Token>}
+     * @deprecated This API has been deprecated since 1.8.0. Please use `Account.createEmailVerification` instead.
+     */
     createVerification(params: { url: string  }): Promise<Models.Token>;
     /**
      * Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the **userId** and **secret** arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the **userId** and **secret** parameters. Learn more about how to [complete the verification process](https://appwrite.io/docs/references/cloud/client-web/account#updateVerification). The verification link sent to the user's email address is valid for 7 days.
@@ -2764,7 +2826,7 @@ export class Account {
             throw new AppwriteException('Missing required parameter: "url"');
         }
 
-        const apiPath = '/account/verification';
+        const apiPath = '/account/verifications/email';
         const payload: Payload = {};
         if (typeof url !== 'undefined') {
             payload['url'] = url;
@@ -2791,6 +2853,73 @@ export class Account {
      * @throws {AppwriteException}
      * @returns {Promise<Models.Token>}
      */
+    updateEmailVerification(params: { userId: string, secret: string  }): Promise<Models.Token>;
+    /**
+     * Use this endpoint to complete the user email verification process. Use both the **userId** and **secret** parameters that were attached to your app URL to verify the user email ownership. If confirmed this route will return a 200 status code.
+     *
+     * @param {string} userId - User ID.
+     * @param {string} secret - Valid verification token.
+     * @throws {AppwriteException}
+     * @returns {Promise<Models.Token>}
+     * @deprecated Use the object parameter style method for a better developer experience.
+     */
+    updateEmailVerification(userId: string, secret: string): Promise<Models.Token>;
+    updateEmailVerification(
+        paramsOrFirst: { userId: string, secret: string } | string,
+        ...rest: [(string)?]    
+    ): Promise<Models.Token> {
+        let params: { userId: string, secret: string };
+        
+        if ((paramsOrFirst && typeof paramsOrFirst === 'object' && !Array.isArray(paramsOrFirst))) {
+            params = (paramsOrFirst || {}) as { userId: string, secret: string };
+        } else {
+            params = {
+                userId: paramsOrFirst as string,
+                secret: rest[0] as string            
+            };
+        }
+        
+        const userId = params.userId;
+        const secret = params.secret;
+
+        if (typeof userId === 'undefined') {
+            throw new AppwriteException('Missing required parameter: "userId"');
+        }
+        if (typeof secret === 'undefined') {
+            throw new AppwriteException('Missing required parameter: "secret"');
+        }
+
+        const apiPath = '/account/verifications/email';
+        const payload: Payload = {};
+        if (typeof userId !== 'undefined') {
+            payload['userId'] = userId;
+        }
+        if (typeof secret !== 'undefined') {
+            payload['secret'] = secret;
+        }
+        const uri = new URL(this.client.config.endpoint + apiPath);
+
+        const apiHeaders: { [header: string]: string } = {
+            'content-type': 'application/json',
+        }
+
+        return this.client.call(
+            'put',
+            uri,
+            apiHeaders,
+            payload
+        );
+    }
+
+    /**
+     * Use this endpoint to complete the user email verification process. Use both the **userId** and **secret** parameters that were attached to your app URL to verify the user email ownership. If confirmed this route will return a 200 status code.
+     *
+     * @param {string} params.userId - User ID.
+     * @param {string} params.secret - Valid verification token.
+     * @throws {AppwriteException}
+     * @returns {Promise<Models.Token>}
+     * @deprecated This API has been deprecated since 1.8.0. Please use `Account.updateEmailVerification` instead.
+     */
     updateVerification(params: { userId: string, secret: string  }): Promise<Models.Token>;
     /**
      * Use this endpoint to complete the user email verification process. Use both the **userId** and **secret** parameters that were attached to your app URL to verify the user email ownership. If confirmed this route will return a 200 status code.
@@ -2827,7 +2956,7 @@ export class Account {
             throw new AppwriteException('Missing required parameter: "secret"');
         }
 
-        const apiPath = '/account/verification';
+        const apiPath = '/account/verifications/email';
         const payload: Payload = {};
         if (typeof userId !== 'undefined') {
             payload['userId'] = userId;
@@ -2857,7 +2986,7 @@ export class Account {
      */
     createPhoneVerification(): Promise<Models.Token> {
 
-        const apiPath = '/account/verification/phone';
+        const apiPath = '/account/verifications/phone';
         const payload: Payload = {};
         const uri = new URL(this.client.config.endpoint + apiPath);
 
@@ -2917,7 +3046,7 @@ export class Account {
             throw new AppwriteException('Missing required parameter: "secret"');
         }
 
-        const apiPath = '/account/verification/phone';
+        const apiPath = '/account/verifications/phone';
         const payload: Payload = {};
         if (typeof userId !== 'undefined') {
             payload['userId'] = userId;
diff --git a/src/services/tables-db.ts b/src/services/tables-db.ts
