What's the proper way of handling user authentication from server side?


So currently I am signing up user’s from the server side, if successful I set a cookie for the token.

Like so:

routes.post('/signup', async (req, res) => {

  const user = new Parse.User();
  user.set('username', req.body.username);
  user.set('email', req.body.email);
  user.set('password', req.body.password);

  try {
    await user.signUp();
    res.cookie('token', user.getSessionToken());
  } catch (error) {
    console.log("Error: " + error.code + " " + error.message);


Is this the proper way?

What I want to be able to do is to be able to check whether a user is logged in or not from the server side and redirect them accordingly.


The way you are signing up seems to be fine for me. In order to validate if the user is logged in, I’d read sessionToken from cookie and perform a query on Session collection to check if this session token is valid.