2023-04-24
3670
#svelte
Jannik Wempe
79414
Apr 24, 2023 ⋅ 13 min read

Authentication in Svelte using cookies

Jannik Wempe Fullstack Software Engineer passionate about serverless and modern frontend. Blogging at blog.jannikwempe.com and tweeting as @JannikWempe.

Recent posts:

How to display notification badges on PWAs using the Badging API

Ding! You got a notification, but does it cause a little bump of dopamine or a slow drag of cortisol? […]

Chigozie Oduah
Sep 13, 2024 ⋅ 4 min read
JWT Authentication: Best Practices And When To Use It

JWT authentication: Best practices and when to use it

A guide for using JWT authentication to prevent basic security issues while understanding the shortcomings of JWTs.

Flavio Copes
Sep 12, 2024 ⋅ 5 min read

Auth.js adoption guide: Overview, examples, and alternatives

Auth.js makes adding authentication to web apps easier and more secure. Let’s discuss why you should use it in your projects.

Clara Ekekenta
Sep 12, 2024 ⋅ 10 min read
Lucia Auth: An Auth.js Alternative For Next.js Authentication

Lucia Auth: An Auth.js alternative for Next.js authentication

Compare Auth.js and Lucia Auth for Next.js authentication, exploring their features, session management differences, and design paradigms.

Paul Akinyemi
Sep 12, 2024 ⋅ 4 min read
View all posts

11 Replies to "Authentication in Svelte using cookies"

  1. Any luck getting any of the salting/hashing libraries ie bcrypt or argon2 with Sveltekit and vercel? works in dev but can’t get any hashing library working in prod with the adapter.

    1. Are they ESM modules? I have problem using CommonJS modules like ‘pg’ with Vercel or Netlify but the adapter for Node.js works for me. Another option might be to let the database handle the encryption?

  2. I’m not that good in JS and such yet but why are you using Promise.. in your unctions? You’re using a feww awaits but not promsies for checking if something is resolved, pending or such. Coudln’t you jsut replace them with true/false instead?

    1. Can you point me to an exact place in the code that isn’t clear to you?

      In general await is just syntactic sugar in JS. It allows you to write your code like it would be synchronous. With await you are literally awaiting the promise. It can be used instead of .then(). And it allows you to surround it with try-catch instead of using .catch()

      In src/routes/api/_db.js I just add promise to mimic asynchronous calls to a DB or other services.

  3. goto() won’t work either for me. Another solution would be to set the session via ‘$app/stores’ right after successfully logged in, then you can call goto function. User object should matched the same one loaded from getSession btw. What do you think about this approach?

    1. That might work.

      I plan on updating the repo to the latest SvelteKit version in a bit and I’ll have a look at that redirect part again. I’ll give an update here if it’s done.

      1. In my app, I found that goto works but does not cause the session to be reevaluated. I ended up doing that manually in my app

        const rs = await fetch(“api/auth”, { method: “POST”, body, headers });
        if (rs.ok) {
        const user = await rs.json();
        // Load user info into session.
        session.set({ authenticated: true, user });
        goto(“/”);
        }

Leave a Reply