2023-04-24
3670
#svelte
Jannik Wempe
79414
Apr 24, 2023 ⋅ 13 min read

Authentication in Svelte using cookies

Jannik Wempe Fullstack Software Engineer passionate about serverless and modern frontend. Blogging at blog.jannikwempe.com and tweeting as @JannikWempe.

Recent posts:

file based routing in react router

File-based routing in React Router v7 – Why keep it optional?

Explore the new mode that introduced file-based routing in v7, why it remains optional, and when to use it or stick with a different approach.

Elijah Asaolu
Sep 9, 2025 ⋅ 6 min read
mcp is the new browser

MCP is replacing the browser: Here’s how devs should prepare

Learn how MCP will replace the traditional browser, what this shift means for frontend devs, and how to start prepping for an AI-first future.

Peter Aideloje
Sep 9, 2025 ⋅ 6 min read

Effective rendering with Selective SSR in TanStack Start

TanStack Start’s Selective SSR lets you control route rendering with server, client, or data-only modes. Learn how it works with a real app example.

Amazing Enyichi Agu
Sep 8, 2025 ⋅ 10 min read
How Cursor Project Rules Can Improve Next.js App Development

How Cursor project rules can improve Next.js app development

Learn how Cursor project rules streamline Next.js apps with automated conventions, consistent components, and faster developer onboarding.

Muhammed Ali
Sep 8, 2025 ⋅ 4 min read
View all posts

11 Replies to "Authentication in Svelte using cookies"

  1. Any luck getting any of the salting/hashing libraries ie bcrypt or argon2 with Sveltekit and vercel? works in dev but can’t get any hashing library working in prod with the adapter.

    1. Are they ESM modules? I have problem using CommonJS modules like ‘pg’ with Vercel or Netlify but the adapter for Node.js works for me. Another option might be to let the database handle the encryption?

  2. I’m not that good in JS and such yet but why are you using Promise.. in your unctions? You’re using a feww awaits but not promsies for checking if something is resolved, pending or such. Coudln’t you jsut replace them with true/false instead?

    1. Can you point me to an exact place in the code that isn’t clear to you?

      In general await is just syntactic sugar in JS. It allows you to write your code like it would be synchronous. With await you are literally awaiting the promise. It can be used instead of .then(). And it allows you to surround it with try-catch instead of using .catch()

      In src/routes/api/_db.js I just add promise to mimic asynchronous calls to a DB or other services.

  3. goto() won’t work either for me. Another solution would be to set the session via ‘$app/stores’ right after successfully logged in, then you can call goto function. User object should matched the same one loaded from getSession btw. What do you think about this approach?

    1. That might work.

      I plan on updating the repo to the latest SvelteKit version in a bit and I’ll have a look at that redirect part again. I’ll give an update here if it’s done.

      1. In my app, I found that goto works but does not cause the session to be reevaluated. I ended up doing that manually in my app

        const rs = await fetch(“api/auth”, { method: “POST”, body, headers });
        if (rs.ok) {
        const user = await rs.json();
        // Load user info into session.
        session.set({ authenticated: true, user });
        goto(“/”);
        }

Leave a Reply