$createSession expects Bus $bus at position 12 (after the 1.9.x Bus
refactor), but two routes still injected 'queueForMails' (Mail) causing
TypeError at runtime. The third route (deprecated magic URL wrapper)
already had the correct 'bus' injection.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Resolve conflicts in app/controllers/api/account.php by keeping HEAD's
GeoRecord injection (the branch's core feature) and adopting main's Bus
pattern for session alerts:
- Drop the local sendSessionAlert() helper function; session alerts are
now dispatched via Bus
- $createSession signature: replace Mail $queueForMails with Bus $bus
- Same swap in the email/password login action and the deprecated magic
URL session update action
- Two inline sendSessionAlert() calls replaced with
$bus->dispatch(new SessionCreated(user, project, session, locale))
- Add 'use Appwrite\Bus\Events\SessionCreated;' and 'use Utopia\Bus\Bus;'
imports
- Other Mail $queueForMails injections (Magic URL, OTP, verification,
recovery emails) are unaffected — they remain on the Mail queue
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- SessionCreated event now carries only domain data (no isFirstSession)
- Mails listener uses ordered guard clauses, deferring the DB query
until cheaper checks pass
- Drop $user Document allocation in favour of direct array access
- Inline FileName validator and $smtpEnabled into their use sites
- Extract $isBranded to eliminate duplicate APP_BRANDED_EMAIL_BASE_TEMPLATE check
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Moves session alert email side effect out of the account controller
into a dedicated `Mails` listener that reacts to a new `SessionCreated`
bus event. The event is now always dispatched on session creation; the
listener owns all conditional logic (first session, sessionAlerts flag,
email-link sessions, user email presence).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Make geodb resource return null gracefully when MaxMind DB is not
registered (geo service replaces it)
- Rename $geodb -> $geoRecord in magic-url session endpoint for clarity
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Resolve merge conflicts:
- Adapt geo resources to use $container->set() DI pattern
- Keep GeoRecord type hints while adding domainVerification/cookieDomain params
- Remove duplicate resources already moved to request.php
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Swap the order of createDocument('sessions') and purgeCachedDocument('users')
in the email/password session creation flow. Previously, the cache was purged
before the session was written, opening a race window in Swoole's async
environment where a concurrent account.get() could re-cache the user with no
sessions, causing sessionVerify to fail with a 401. This matches the correct
ordering already used by the token-based flows (magic URL, OTP, phone).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The users.php and messaging.php legacy controllers were missing the
userType field in their log output, creating an inconsistency with the
new audit user type distinction feature. Also adds missing mode field
to users.php logs endpoint.
https://claude.ai/code/session_01J9gKXwbHoLggsGwJi6KUnM
- Add restart policy and logging config to appwrite-geo docker service
- Fix auth denylist condition bug (wrong parentheses) and normalize country codes
- Use geoRecord->isEu() directly instead of re-checking config in general.php
- Add array type guard for geo service JSON response in resources.php
- Add getGeoForIp callable resource with per-IP caching for log endpoints
- Fix all log endpoints to look up geo per log entry IP instead of using
the viewer's geoRecord, which was returning the same country for all logs
https://claude.ai/code/session_01JUg4bHzgpHrkvZdPeKsTVM
- Add getDatabaseResourceType() helper to map database types to resource constants
- Use database-specific resourceType for CSV/JSON import/export instead of hardcoded TYPE_DATABASE
- Skip attribute validation for schemaless databases (DocumentsDB/VectorsDB) in exports
- Parse JSON export queries in migration worker
- Restore MigrationsBase from 1.9.x and append VectorsDB/DocumentsDB E2E tests
GeoRecord stores the country name as 'countryName' but the Locale
response model expects 'country'. Build an explicit Document with
the correct field mapping so the API response includes all fields.
https://claude.ai/code/session_01Pp3FnMwnJqph6ohBatUFYL
Resolve conflicts in docker-compose.yml, Documents/Logs/XList.php,
and TablesDB/Rows/Logs/XList.php. Keep geoRecord (new geo service)
while integrating getDatabasesDB from 1.9.x. Fix 6 additional
auto-merged files that incorrectly used geodb/locale instead of
geoRecord.
https://claude.ai/code/session_01Pp3FnMwnJqph6ohBatUFYL
Damodar Lohani
Chirag Aggarwal
Matej Bačo
loks0n
Damodar Lohani
Harsh Mahajan
Claude
Harsh Mahajan
Prem Palanisamy