@reauth-dev/sdk 0.1.0 → 0.2.0

package/dist/react/index.js

@@ -30,9 +30,27 @@ module.exports = __toCommonJS(react_exports);
 // src/react/useAuth.ts
 var import_react = require("react");
 
+// src/types.ts
+var DEFAULT_TIMEOUT_MS = 1e4;
+
 // src/client.ts
+function assertHttpsUrl(url) {
+  let parsed;
+  try {
+    parsed = new URL(url);
+  } catch {
+    throw new Error("URL must use HTTPS");
+  }
+  if (parsed.protocol !== "https:") {
+    throw new Error("URL must use HTTPS");
+  }
+}
 function createReauthClient(config) {
   const { domain } = config;
+  if (config.timeout !== void 0 && (!Number.isFinite(config.timeout) || config.timeout <= 0)) {
+    throw new Error("timeout must be a positive finite number in milliseconds");
+  }
+  const timeoutMs = config.timeout ?? DEFAULT_TIMEOUT_MS;
   const baseUrl = `https://reauth.${domain}/api/public`;
   return {
     /**
@@ -51,35 +69,47 @@ function createReauthClient(config) {
      */
     async getSession() {
       const res = await fetch(`${baseUrl}/auth/session`, {
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
+      if (!res.ok) {
+        throw new Error(`Failed to get session: ${res.status}`);
+      }
       return res.json();
     },
     /**
      * Refresh the access token using the refresh token.
      * Call this when getSession() returns valid: false but no error_code.
-     * @returns true if refresh succeeded, false otherwise
+     * @throws Error on failed refresh (401) or server error
      */
     async refresh() {
       const res = await fetch(`${baseUrl}/auth/refresh`, {
         method: "POST",
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
-      return res.ok;
+      if (!res.ok) {
+        throw new Error(`Failed to refresh: ${res.status}`);
+      }
     },
     /**
      * Get an access token for Bearer authentication.
      * Use this when calling your own API that uses local token verification.
      *
-     * @returns TokenResponse with access token, or null if not authenticated
+     * @returns TokenResponse with access token, or null if not authenticated or network unreachable
+     * @throws Error on server errors (non-401 HTTP status codes) or request timeout
      *
      * @example
      * ```typescript
-     * const tokenResponse = await reauth.getToken();
-     * if (tokenResponse) {
-     *   fetch('/api/data', {
-     *     headers: { Authorization: `Bearer ${tokenResponse.accessToken}` }
-     *   });
+     * try {
+     *   const tokenResponse = await reauth.getToken();
+     *   if (tokenResponse) {
+     *     fetch('/api/data', {
+     *       headers: { Authorization: `Bearer ${tokenResponse.accessToken}` }
+     *     });
+     *   }
+     * } catch (err) {
+     *   // Server error or timeout — do not log the user out
      * }
      * ```
      */
@@ -87,7 +117,8 @@ function createReauthClient(config) {
       try {
         const res = await fetch(`${baseUrl}/auth/token`, {
           method: "GET",
-          credentials: "include"
+          credentials: "include",
+          signal: AbortSignal.timeout(timeoutMs)
         });
         if (!res.ok) {
           if (res.status === 401) return null;
@@ -99,29 +130,38 @@ function createReauthClient(config) {
           expiresIn: data.expires_in,
           tokenType: data.token_type
         };
-      } catch {
-        return null;
+      } catch (err) {
+        if (err instanceof TypeError) return null;
+        throw err;
       }
     },
     /**
      * Log out the user by clearing all session cookies.
+     * @throws Error on server error
      */
     async logout() {
-      await fetch(`${baseUrl}/auth/logout`, {
+      const res = await fetch(`${baseUrl}/auth/logout`, {
         method: "POST",
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
+      if (!res.ok) {
+        throw new Error(`Failed to logout: ${res.status}`);
+      }
     },
     /**
      * Delete the user's own account (self-service).
-     * @returns true if deletion succeeded, false otherwise
+     * @throws Error on permission denied or server error
      */
     async deleteAccount() {
       const res = await fetch(`${baseUrl}/auth/account`, {
         method: "DELETE",
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
-      return res.ok;
+      if (!res.ok) {
+        throw new Error(`Failed to delete account: ${res.status}`);
+      }
     },
     // ========================================================================
     // Billing Methods
@@ -129,12 +169,16 @@ function createReauthClient(config) {
     /**
      * Get available subscription plans for the domain.
      * Only returns public plans sorted by display order.
+     * @throws Error on server error
      */
     async getPlans() {
       const res = await fetch(`${baseUrl}/billing/plans`, {
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
-      if (!res.ok) return [];
+      if (!res.ok) {
+        throw new Error(`Failed to get plans: ${res.status}`);
+      }
       const data = await res.json();
       return data.map(
         (p) => ({
@@ -147,8 +191,17 @@ function createReauthClient(config) {
           interval: p.interval,
           intervalCount: p.interval_count,
           trialDays: p.trial_days,
-          features: p.features,
-          displayOrder: p.display_order
+          features: p.features.map((f) => ({
+            code: f.code,
+            name: f.name,
+            featureType: f.feature_type,
+            numericValue: f.numeric_value,
+            unitLabel: f.unit_label
+          })),
+          displayOrder: p.display_order,
+          creditsAmount: p.credits_amount,
+          planType: p.plan_type,
+          contactUrl: p.contact_url
         })
       );
     },
@@ -157,8 +210,12 @@ function createReauthClient(config) {
      */
     async getSubscription() {
       const res = await fetch(`${baseUrl}/billing/subscription`, {
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
+      if (!res.ok) {
+        throw new Error(`Failed to get subscription: ${res.status}`);
+      }
       const data = await res.json();
       return {
         id: data.id,
@@ -182,6 +239,7 @@ function createReauthClient(config) {
         method: "POST",
         headers: { "Content-Type": "application/json" },
         credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs),
         body: JSON.stringify({
           plan_code: planCode,
           success_url: successUrl,
@@ -210,6 +268,7 @@ function createReauthClient(config) {
         currentUrl,
         currentUrl
       );
+      assertHttpsUrl(checkoutUrl);
       window.location.href = checkoutUrl;
     },
     /**
@@ -224,6 +283,7 @@ function createReauthClient(config) {
         method: "POST",
         headers: { "Content-Type": "application/json" },
         credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs),
         body: JSON.stringify({
           return_url: returnUrl || window.location.href
         })
@@ -232,18 +292,22 @@ function createReauthClient(config) {
         throw new Error("Failed to open billing portal");
       }
       const data = await res.json();
+      assertHttpsUrl(data.portal_url);
       window.location.href = data.portal_url;
     },
     /**
      * Cancel the user's subscription at period end.
-     * @returns true if cancellation succeeded
+     * @throws Error on failure or server error
      */
     async cancelSubscription() {
       const res = await fetch(`${baseUrl}/billing/cancel`, {
         method: "POST",
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
-      return res.ok;
+      if (!res.ok) {
+        throw new Error(`Failed to cancel subscription: ${res.status}`);
+      }
     },
     // ========================================================================
     // Balance Methods
@@ -254,13 +318,15 @@ function createReauthClient(config) {
      */
     async getBalance() {
       const res = await fetch(`${baseUrl}/balance`, {
-        credentials: "include"
+        credentials: "include",
+        signal: AbortSignal.timeout(timeoutMs)
       });
       if (!res.ok) {
         if (res.status === 401) throw new Error("Not authenticated");
         throw new Error(`Failed to get balance: ${res.status}`);
       }
-      return res.json();
+      const data = await res.json();
+      return { balance: data.balance };
     },
     /**
      * Get the current user's balance transaction history.
@@ -274,7 +340,7 @@ function createReauthClient(config) {
       const qs = params.toString();
       const res = await fetch(
         `${baseUrl}/balance/transactions${qs ? `?${qs}` : ""}`,
-        { credentials: "include" }
+        { credentials: "include", signal: AbortSignal.timeout(timeoutMs) }
       );
       if (!res.ok) {
         if (res.status === 401) throw new Error("Not authenticated");
@@ -297,8 +363,11 @@ function createReauthClient(config) {
 }
 
 // src/react/useAuth.ts
+var DEFAULT_REFRESH_INTERVAL_MS = 5 * 60 * 1e3;
 function useAuth(config) {
-  const client = (0, import_react.useMemo)(() => createReauthClient(config), [config.domain]);
+  const { refreshInterval = DEFAULT_REFRESH_INTERVAL_MS, ...clientConfig } = config;
+  const client = (0, import_react.useMemo)(() => createReauthClient(clientConfig), [clientConfig.domain]);
+  const isRefreshing = (0, import_react.useRef)(false);
   const [state, setState] = (0, import_react.useState)({
     user: null,
     loading: true,
@@ -307,12 +376,15 @@ function useAuth(config) {
     waitlistPosition: null
   });
   const checkSession = (0, import_react.useCallback)(async () => {
+    if (isRefreshing.current) return;
+    isRefreshing.current = true;
     try {
       let session = await client.getSession();
       if (!session.valid && !session.error_code && !session.end_user_id) {
-        const refreshed = await client.refresh();
-        if (refreshed) {
+        try {
+          await client.refresh();
           session = await client.getSession();
+        } catch {
         }
       }
       if (session.error_code === "ACCOUNT_SUSPENDED") {
@@ -368,11 +440,20 @@ function useAuth(config) {
         isOnWaitlist: false,
         waitlistPosition: null
       });
+    } finally {
+      isRefreshing.current = false;
     }
   }, [client]);
   (0, import_react.useEffect)(() => {
     checkSession();
   }, [checkSession]);
+  (0, import_react.useEffect)(() => {
+    if (refreshInterval <= 0) return;
+    const intervalId = setInterval(() => {
+      checkSession();
+    }, refreshInterval);
+    return () => clearInterval(intervalId);
+  }, [checkSession, refreshInterval]);
   const logout = (0, import_react.useCallback)(async () => {
     await client.logout();
     setState({
@@ -417,8 +498,10 @@ function ProtectedRoute({
   onWaitlist
 }) {
   const { user, loading, isOnWaitlist, login } = useAuthContext();
+  const hasRedirected = (0, import_react3.useRef)(false);
   (0, import_react3.useEffect)(() => {
-    if (!loading && !user) {
+    if (!loading && !user && !hasRedirected.current) {
+      hasRedirected.current = true;
       if (onUnauthenticated) {
         onUnauthenticated();
       } else {
@@ -427,7 +510,8 @@ function ProtectedRoute({
     }
   }, [loading, user, login, onUnauthenticated]);
   (0, import_react3.useEffect)(() => {
-    if (!loading && isOnWaitlist && onWaitlist) {
+    if (!loading && isOnWaitlist && onWaitlist && !hasRedirected.current) {
+      hasRedirected.current = true;
       onWaitlist();
     }
   }, [loading, isOnWaitlist, onWaitlist]);

package/dist/react/index.mjs

@@ -1,11 +1,15 @@
 import {
   createReauthClient
-} from "../chunk-JX2J36FS.mjs";
+} from "../chunk-DMNMTW2C.mjs";
+import "../chunk-EY5LQCDG.mjs";
 
 // src/react/useAuth.ts
-import { useState, useEffect, useCallback, useMemo } from "react";
+import { useState, useEffect, useCallback, useMemo, useRef } from "react";
+var DEFAULT_REFRESH_INTERVAL_MS = 5 * 60 * 1e3;
 function useAuth(config) {
-  const client = useMemo(() => createReauthClient(config), [config.domain]);
+  const { refreshInterval = DEFAULT_REFRESH_INTERVAL_MS, ...clientConfig } = config;
+  const client = useMemo(() => createReauthClient(clientConfig), [clientConfig.domain]);
+  const isRefreshing = useRef(false);
   const [state, setState] = useState({
     user: null,
     loading: true,
@@ -14,12 +18,15 @@ function useAuth(config) {
     waitlistPosition: null
   });
   const checkSession = useCallback(async () => {
+    if (isRefreshing.current) return;
+    isRefreshing.current = true;
     try {
       let session = await client.getSession();
       if (!session.valid && !session.error_code && !session.end_user_id) {
-        const refreshed = await client.refresh();
-        if (refreshed) {
+        try {
+          await client.refresh();
           session = await client.getSession();
+        } catch {
         }
       }
       if (session.error_code === "ACCOUNT_SUSPENDED") {
@@ -75,11 +82,20 @@ function useAuth(config) {
         isOnWaitlist: false,
         waitlistPosition: null
       });
+    } finally {
+      isRefreshing.current = false;
     }
   }, [client]);
   useEffect(() => {
     checkSession();
   }, [checkSession]);
+  useEffect(() => {
+    if (refreshInterval <= 0) return;
+    const intervalId = setInterval(() => {
+      checkSession();
+    }, refreshInterval);
+    return () => clearInterval(intervalId);
+  }, [checkSession, refreshInterval]);
   const logout = useCallback(async () => {
     await client.logout();
     setState({
@@ -115,7 +131,7 @@ function useAuthContext() {
 }
 
 // src/react/ProtectedRoute.tsx
-import { useEffect as useEffect2 } from "react";
+import { useEffect as useEffect2, useRef as useRef2 } from "react";
 import { Fragment, jsx as jsx2 } from "react/jsx-runtime";
 function ProtectedRoute({
   children,
@@ -124,8 +140,10 @@ function ProtectedRoute({
   onWaitlist
 }) {
   const { user, loading, isOnWaitlist, login } = useAuthContext();
+  const hasRedirected = useRef2(false);
   useEffect2(() => {
-    if (!loading && !user) {
+    if (!loading && !user && !hasRedirected.current) {
+      hasRedirected.current = true;
       if (onUnauthenticated) {
         onUnauthenticated();
       } else {
@@ -134,7 +152,8 @@ function ProtectedRoute({
     }
   }, [loading, user, login, onUnauthenticated]);
   useEffect2(() => {
-    if (!loading && isOnWaitlist && onWaitlist) {
+    if (!loading && isOnWaitlist && onWaitlist && !hasRedirected.current) {
+      hasRedirected.current = true;
       onWaitlist();
     }
   }, [loading, isOnWaitlist, onWaitlist]);

package/dist/server.d.mts

@@ -1,5 +1,23 @@
-import { e as ReauthServerConfig, A as AuthResult, f as RequestLike, d as UserDetails, h as ChargeOptions, i as DepositOptions, b as TransactionsPaginationOptions, B as BalanceTransaction } from './types-D8oOYbeC.mjs';
+import { e as ReauthServerConfig, A as AuthResult, f as RequestLike, d as UserDetails, h as ChargeOptions, i as DepositOptions, b as TransactionsPaginationOptions, B as BalanceTransaction } from './types-BqZzje-y.mjs';
 
+/**
+ * Derives a JWT signing secret from an API key using HKDF-SHA256.
+ * This must match the Rust backend implementation exactly.
+ *
+ * IMPORTANT: Returns hex-encoded string (64 chars), NOT raw bytes.
+ * The Rust API uses the ASCII bytes of the hex string as the JWT secret,
+ * so we must do the same for compatibility.
+ *
+ * @param apiKey - The raw API key (e.g., "sk_live_...")
+ * @param domainId - UUID of the domain (used as salt for domain isolation)
+ * @returns Promise<string> - 64-char hex string (to be used as ASCII bytes for JWT signing)
+ */
+declare function deriveJwtSecret(apiKey: string, domainId: string): Promise<string>;
+/**
+ * Parse cookies from a cookie header string.
+ * Handles URL encoding and multiple cookies properly.
+ */
+declare function parseCookies(cookieHeader: string): Record<string, string>;
 /**
  * Create a reauth client for server-side authentication.
  * Uses local JWT verification for fast, reliable auth checks.
@@ -185,4 +203,4 @@ declare function createServerClient(config: ReauthServerConfig): {
 };
 type ServerClient = ReturnType<typeof createServerClient>;
 
-export { type ServerClient, createServerClient };
+export { type ServerClient, createServerClient, deriveJwtSecret, parseCookies };

package/dist/server.d.ts

@@ -1,5 +1,23 @@
-import { e as ReauthServerConfig, A as AuthResult, f as RequestLike, d as UserDetails, h as ChargeOptions, i as DepositOptions, b as TransactionsPaginationOptions, B as BalanceTransaction } from './types-D8oOYbeC.js';
+import { e as ReauthServerConfig, A as AuthResult, f as RequestLike, d as UserDetails, h as ChargeOptions, i as DepositOptions, b as TransactionsPaginationOptions, B as BalanceTransaction } from './types-BqZzje-y.js';
 
+/**
+ * Derives a JWT signing secret from an API key using HKDF-SHA256.
+ * This must match the Rust backend implementation exactly.
+ *
+ * IMPORTANT: Returns hex-encoded string (64 chars), NOT raw bytes.
+ * The Rust API uses the ASCII bytes of the hex string as the JWT secret,
+ * so we must do the same for compatibility.
+ *
+ * @param apiKey - The raw API key (e.g., "sk_live_...")
+ * @param domainId - UUID of the domain (used as salt for domain isolation)
+ * @returns Promise<string> - 64-char hex string (to be used as ASCII bytes for JWT signing)
+ */
+declare function deriveJwtSecret(apiKey: string, domainId: string): Promise<string>;
+/**
+ * Parse cookies from a cookie header string.
+ * Handles URL encoding and multiple cookies properly.
+ */
+declare function parseCookies(cookieHeader: string): Record<string, string>;
 /**
  * Create a reauth client for server-side authentication.
  * Uses local JWT verification for fast, reliable auth checks.
@@ -185,4 +203,4 @@ declare function createServerClient(config: ReauthServerConfig): {
 };
 type ServerClient = ReturnType<typeof createServerClient>;
 
-export { type ServerClient, createServerClient };
+export { type ServerClient, createServerClient, deriveJwtSecret, parseCookies };

package/dist/server.js

@@ -30,11 +30,18 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/server.ts
 var server_exports = {};
 __export(server_exports, {
-  createServerClient: () => createServerClient
+  createServerClient: () => createServerClient,
+  deriveJwtSecret: () => deriveJwtSecret,
+  parseCookies: () => parseCookies
 });
 module.exports = __toCommonJS(server_exports);
 var import_crypto = require("crypto");
 var jose = __toESM(require("jose"));
+
+// src/types.ts
+var DEFAULT_TIMEOUT_MS = 1e4;
+
+// src/server.ts
 async function deriveJwtSecret(apiKey, domainId) {
   const salt = Buffer.from(domainId.replace(/-/g, ""), "hex");
   const info = Buffer.from("reauth-jwt-v1");
@@ -45,6 +52,28 @@ async function deriveJwtSecret(apiKey, domainId) {
     });
   });
 }
+var VALID_SUBSCRIPTION_STATUSES = /* @__PURE__ */ new Set([
+  "active",
+  "past_due",
+  "canceled",
+  "trialing",
+  "incomplete",
+  "incomplete_expired",
+  "unpaid",
+  "paused",
+  "none"
+]);
+function isValidClaims(payload) {
+  if (typeof payload.sub !== "string") return false;
+  if (typeof payload.domain_id !== "string") return false;
+  if (typeof payload.domain !== "string") return false;
+  if (!Array.isArray(payload.roles) || !payload.roles.every((r) => typeof r === "string")) return false;
+  const subscription = payload.subscription;
+  if (typeof subscription !== "object" || subscription === null || Array.isArray(subscription)) return false;
+  const status = subscription.status;
+  if (typeof status !== "string" || !VALID_SUBSCRIPTION_STATUSES.has(status)) return false;
+  return true;
+}
 function transformSubscription(sub) {
   return {
     status: sub.status,
@@ -71,6 +100,10 @@ function parseCookies(cookieHeader) {
 }
 function createServerClient(config) {
   const { domain, apiKey } = config;
+  if (config.timeout !== void 0 && (!Number.isFinite(config.timeout) || config.timeout <= 0)) {
+    throw new Error("timeout must be a positive finite number in milliseconds");
+  }
+  const timeoutMs = config.timeout ?? DEFAULT_TIMEOUT_MS;
   if (!apiKey) {
     throw new Error(
       "apiKey is required for createServerClient. Get one from the Reauth dashboard."
@@ -118,7 +151,11 @@ function createServerClient(config) {
             // 60 seconds clock skew tolerance
           }
         );
-        const claims = payload;
+        const payloadRecord = payload;
+        if (!isValidClaims(payloadRecord)) {
+          return { valid: false, user: null, claims: null, error: "Invalid token claims: missing required fields" };
+        }
+        const claims = payloadRecord;
         if (claims.domain !== domain) {
           return { valid: false, user: null, claims: null, error: "Domain mismatch" };
         }
@@ -241,10 +278,11 @@ function createServerClient(config) {
      * ```
      */
     async getUserById(userId) {
-      const res = await fetch(`${developerBaseUrl}/users/${userId}`, {
+      const res = await fetch(`${developerBaseUrl}/users/${encodeURIComponent(userId)}`, {
         headers: {
           Authorization: `Bearer ${apiKey}`
-        }
+        },
+        signal: AbortSignal.timeout(timeoutMs)
       });
       if (!res.ok) {
         if (res.status === 401) {
@@ -277,16 +315,18 @@ function createServerClient(config) {
      * @returns Object with the current balance
      */
     async getBalance(userId) {
-      const res = await fetch(`${developerBaseUrl}/users/${userId}/balance`, {
+      const res = await fetch(`${developerBaseUrl}/users/${encodeURIComponent(userId)}/balance`, {
         headers: {
           Authorization: `Bearer ${apiKey}`
-        }
+        },
+        signal: AbortSignal.timeout(timeoutMs)
       });
       if (!res.ok) {
         if (res.status === 401) throw new Error("Invalid API key");
         throw new Error(`Failed to get balance: ${res.status}`);
       }
-      return res.json();
+      const data = await res.json();
+      return { balance: data.balance };
     },
     /**
      * Charge (deduct) credits from a user's balance.
@@ -297,12 +337,13 @@ function createServerClient(config) {
      * @throws Error with status 402 if insufficient balance, 400 if invalid amount
      */
     async charge(userId, opts) {
-      const res = await fetch(`${developerBaseUrl}/users/${userId}/charge`, {
+      const res = await fetch(`${developerBaseUrl}/users/${encodeURIComponent(userId)}/charge`, {
         method: "POST",
         headers: {
           "Content-Type": "application/json",
           Authorization: `Bearer ${apiKey}`
         },
+        signal: AbortSignal.timeout(timeoutMs),
         body: JSON.stringify({
           amount: opts.amount,
           request_uuid: opts.requestUuid,
@@ -326,12 +367,13 @@ function createServerClient(config) {
      * @returns Object with the new balance after deposit
      */
     async deposit(userId, opts) {
-      const res = await fetch(`${developerBaseUrl}/users/${userId}/deposit`, {
+      const res = await fetch(`${developerBaseUrl}/users/${encodeURIComponent(userId)}/deposit`, {
         method: "POST",
         headers: {
           "Content-Type": "application/json",
           Authorization: `Bearer ${apiKey}`
         },
+        signal: AbortSignal.timeout(timeoutMs),
         body: JSON.stringify({
           amount: opts.amount,
           request_uuid: opts.requestUuid,
@@ -359,11 +401,12 @@ function createServerClient(config) {
       if (opts?.offset !== void 0) params.set("offset", String(opts.offset));
       const qs = params.toString();
       const res = await fetch(
-        `${developerBaseUrl}/users/${userId}/balance/transactions${qs ? `?${qs}` : ""}`,
+        `${developerBaseUrl}/users/${encodeURIComponent(userId)}/balance/transactions${qs ? `?${qs}` : ""}`,
         {
           headers: {
             Authorization: `Bearer ${apiKey}`
-          }
+          },
+          signal: AbortSignal.timeout(timeoutMs)
         }
       );
       if (!res.ok) {
@@ -387,5 +430,7 @@ function createServerClient(config) {
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
-  createServerClient
+  createServerClient,
+  deriveJwtSecret,
+  parseCookies
 });