Session Token validation with NodeJS


I would need to see some code or something, can you setup a sandbox environment and pm me the details. I’m happy to help as I have been in this position with Parse and it’s frustrating as hell.

Can you post the code, where you are trying this: I validate the session token server side then send the response (this is where I’m stuck)?


That’s the code I posted above with the axios request. In postman it gives me a successful response but in node with axios, it gives me an 403 error.

I will message you about setting up a sandbox environment. Thank you.


I’m actually facing a similar situation with Nuxt when running on SSR. In Nuxt there’s a certain function (asyncData) that’s called on both server side and client side to initialize the data.

asyncData() {

When running on server side, it’s bound to error because there’s no access to the localStorage. I know I can ditch the Parse SDK and use REST API instead, it’ll be too much of wrapping codes to do.

Or, I could separate the codes depending if it’s running on server or client, but it’s going to duplicated everywhere.

I tried to set the RESTController to read the sessionToken from cookies.

  ajax: (...args) => RESTController.ajax.apply(null, args),
  request(...args) {
    const token = getSessionToken(req.headers.cookie)
    return injectSessionToken(token, RESTController).apply(null, args);

I was too naive, Parse SDK is a singleton, under race conditions, user A could access user B’s data.

My takeaway was that Parse is not a good choice for SSR, especially the data you’re trying to access is restricted. I guess I’m going to stick with SPA for now.


Instead of using Parse.User static methods, you’d need to send { sessionToken: “” } option in each of your queries.