2023-04-24
3670
#svelte
Jannik Wempe
79414
Apr 24, 2023 ⋅ 13 min read

Authentication in Svelte using cookies

Jannik Wempe Fullstack Software Engineer passionate about serverless and modern frontend. Blogging at blog.jannikwempe.com and tweeting as @JannikWempe.

Recent posts:

Goodbye, messy data: An engineer’s guide to scalable data enrichment

Goodbye, messy data: An engineer’s guide to scalable data enrichment

Walk through building a data enrichment workflow that moves beyond simple lead gen to become a powerful internal tool for enterprises.

Alexandra Spalato
Oct 8, 2025 ⋅ 6 min read

DesignCoder and the future of AI-generated UI

From sketches to code in minutes, DesignCoder shows how AI-generated, hierarchy-aware UIs could change the way developers prototype and ship apps.

Rosario De Chiara
Oct 7, 2025 ⋅ 5 min read

Should you use if() functions in CSS?

It’s 2025, and CSS finally thinks logically. The if() function brings real conditional styling — no hacks, no JS workarounds. Here’s how to use it right.

Ikeh Akinyemi
Oct 7, 2025 ⋅ 16 min read
Typescript or Zod for Validation?

TypeScript vs Zod: Clearing up validation confusion

Learn when to use TypeScript, Zod, or both for data validation. Avoid redundant checks and build safer, type-sound applications.

Alexander Godwin
Oct 6, 2025 ⋅ 3 min read
View all posts

11 Replies to "Authentication in Svelte using cookies"

  1. Any luck getting any of the salting/hashing libraries ie bcrypt or argon2 with Sveltekit and vercel? works in dev but can’t get any hashing library working in prod with the adapter.

    1. Are they ESM modules? I have problem using CommonJS modules like ‘pg’ with Vercel or Netlify but the adapter for Node.js works for me. Another option might be to let the database handle the encryption?

  2. I’m not that good in JS and such yet but why are you using Promise.. in your unctions? You’re using a feww awaits but not promsies for checking if something is resolved, pending or such. Coudln’t you jsut replace them with true/false instead?

    1. Can you point me to an exact place in the code that isn’t clear to you?

      In general await is just syntactic sugar in JS. It allows you to write your code like it would be synchronous. With await you are literally awaiting the promise. It can be used instead of .then(). And it allows you to surround it with try-catch instead of using .catch()

      In src/routes/api/_db.js I just add promise to mimic asynchronous calls to a DB or other services.

  3. goto() won’t work either for me. Another solution would be to set the session via ‘$app/stores’ right after successfully logged in, then you can call goto function. User object should matched the same one loaded from getSession btw. What do you think about this approach?

    1. That might work.

      I plan on updating the repo to the latest SvelteKit version in a bit and I’ll have a look at that redirect part again. I’ll give an update here if it’s done.

      1. In my app, I found that goto works but does not cause the session to be reevaluated. I ended up doing that manually in my app

        const rs = await fetch(“api/auth”, { method: “POST”, body, headers });
        if (rs.ok) {
        const user = await rs.json();
        // Load user info into session.
        session.set({ authenticated: true, user });
        goto(“/”);
        }

Leave a Reply