Encountering the same issue led me to discover that you have the option of utilizing either server-side authentication or client-side authentication, but it's important not to mix the two. For more information, check out their official blog post about sessions.
var parseExpressCookieSession = require('parse-express-cookie-session');
// Setting up middleware...
app.use(express.cookieParser('YOUR_SIGNING_SECRET'));
app.use(parseExpressCookieSession({ cookie: { maxAge: 3600000 } }));
// Creating a "login" endpoint is incredibly straightforward.
app.post("/login", function(req, res) {
Parse.User.logIn(req.body.username, req.body.password).then(function() {
// Successfully logged in, redirecting to homepage.
// parseExpressCookieSession will handle setting the cookie.
res.redirect('/');
},
function(error) {
// Login failed, redirect back to login form.
res.redirect("/login");
});
});
Additionally, while delving into the documentation, I stumbled upon this valuable insight:
To implement Parse.User authentication and session management in your Express app, simply integrate the parseExpressCookieSession middleware. All you need to do is invoke Parse.User.logIn() in Cloud Code, and this middleware will autonomously manage the user session for you.
You can utilize a web form to collect the user's login details and log them in via Cloud Code after data submission from the form. Upon invoking Parse.User.logIn(), this middleware automatically establishes a cookie in the user’s browser. Subsequent HTTP requests made from the same browser will enable this middleware to automatically define the current user in Cloud Code.
...
It is highly recommended to use HTTPS when handling user data as a security measure. The parseExpressCookieSession middleware mandates the use of HTTPS to safeguard both your app and its users. Additionally, we offer a parseExpressHttpsRedirect middleware for seamlessly redirecting all HTTP requests to HTTPS.