* Prevent account creation if we're not signin up * remove cookie once logged in, 24 hours expiry, comment * adjust error messages * check signin instead of signup * appendHeader to avoid overwrites, fix typo, use NodeNextRequest to handle cookies * expire cookie if signup