Parse / Node.js, user session management (javascript sdk). Parse.User.current() won't persist

Question

I'm attempting to use the parseExpressCookieSession module within my self-hosted node.js server that uses the parse javascript SDK module on the server-side. I'm following the instructions found here to set up the server to automatically persist user sessions in the Parse.User.current() object.

However, the Parse.User.current() object is always null on making new requests to the node.js server after a successful login. Attached is the set up code for my server.js file.

server.js:

var express  = require('express');
var app      = express();                               // create our app w/ express
var morgan = require('morgan');             // log requests to the console (express4)
var bodyParser = require('body-parser');    // pull information from HTML POST (express4)
var methodOverride = require('method-override'); // simulate DELETE and PUT (express4)
var logger = require('./logger');
var api = require('./api.js');
var config = require('./config');
GLOBAL.Parse = require('parse').Parse;
Parse.initialize(config.parse.appID, config.parse.jsKey);
var cookieParser = require('cookie-parser');
var parseExpressHttpsRedirect = require('parse-express-https-redirect');
var parseExpressCookieSession = require('parse-express-cookie-session');

// configuration =================
app.use(parseExpressHttpsRedirect());
app.use(express.static(__dirname + '/public'));    
app.use(morgan("dev", { "stream": logger.stream }));
app.use(bodyParser.urlencoded({'extended':'true'}));
app.use(bodyParser.json());
app.use(bodyParser.json({ type: 'application/vnd.api+json' }));
app.use(methodOverride());
app.use(cookieParser(config.parse.jsKey));
app.use(parseExpressCookieSession({ cookie: { maxAge: 3600000 } }));

Answer 1

I ended up using Parse's Parse.User.become() method instead of attempting to use the Parse Express Cookie middleware. You have to use the CookieParser and CookieSession packages and include them:

var cookieParser = require('cookie-parser');
var cookieSession = require('cookie-session');

Set them up:

app.use(cookieSession({
  name: COOKIE_NAME,
  secret: COOKIE_SECRET,
  maxAge: 15724800000
}));

app.use(cookieParser(COOKIE_SECRET));

In your login and sign up functions, set the user's session token in your cookie:

Parse.User.logIn(username, password, {
      success: function(user) {
        console.log(user);
        req.session.token = user._sessionToken;
        res.sendStatus(200);
      },
      error: function(user, error) {
        res.status(400).send(error);
      }
    });

And finally, before responding to any request that might need a user to be logged in, check to see if a sessionToken exists in the cookie and then set the user using that session token:

Parse.User.become(req.session.token ? req.session.token : "NoTokenFound").then(function (user) {
      // Do something now that we have a Parse.User stored in the "user" var
    }, function (error) {
      console.log(error);
      res.sendStatus(200);
    });

Answer 2

Parse.User.enableUnsafeCurrentUser()

This is undocumented, but works. I don't know why the maintainers of parse decide to make essential functions like Parse.User.current() stop working and then you have to search around forever for some undocumented workaround.