DEV Community: Thiago David The latest articles on DEV Community by Thiago David (@thiteago). https://dev.to/thiteago https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1088148%2Fc2b86654-dd6d-4902-8b09-e65c5e59b87b.jpeg DEV Community: Thiago David https://dev.to/thiteago en [Boost] Thiago David Fri, 21 Feb 2025 14:45:02 +0000 https://dev.to/thiteago/-299i https://dev.to/thiteago/-299i <div class="ltag__link"> <a href="/carloshendvpm" class="ltag__link__link"> <div class="ltag__link__pic"> <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1086395%2Fadf717af-af67-46dc-a7cf-b87c64b537c7.png" alt="carloshendvpm"> </div> </a> <a href="https://dev.to/carloshendvpm/hospedando-seu-site-estatico-no-amazon-s3-4c22" class="ltag__link__link"> <div class="ltag__link__content"> <h2>Hospedando seu site estático no Amazon S3 🚀</h2> <h3>Carlos Henrique ・ Feb 21</h3> <div class="ltag__link__taglist"> <span class="ltag__link__tag">#aws</span> <span class="ltag__link__tag">#s3</span> <span class="ltag__link__tag">#cloud</span> <span class="ltag__link__tag">#webdev</span> </div> </div> </a> </div> aws s3 cloud webdev Exposing Plex Application with Cloudflare Tunnel and Authenticate with Zero Trust Thiago David Mon, 10 Feb 2025 18:21:27 +0000 https://dev.to/thiteago/exposing-plex-application-with-cloudlfare-tunnel-and-authenticate-with-zero-trust-ppb https://dev.to/thiteago/exposing-plex-application-with-cloudlfare-tunnel-and-authenticate-with-zero-trust-ppb <p>For tech enthusiasts who value practicality and organization when watching movies and series, this article is for you. Today, we'll discuss the <strong>Plex</strong> application, how to expose it to the internet (outside your local network), and how to protect it from unauthorized access using <strong>Cloudflare</strong> services.</p> <h2> Requirements </h2> <p>To ensure everything runs smoothly, the following prerequisites are essential:</p> <ul> <li>A <strong>Cloudflare account</strong>.</li> <li>A <strong>custom domain</strong> (e.g., <code>mydomain.com</code>).</li> <li>Optional: A <strong>Google Cloud Console</strong> account (for Google login integration).</li> </ul> <p>⚠️ <strong>Note:</strong> Cloudflare will need to control your domain's DNS. If you're currently using another provider (e.g., GoDaddy, Vercel, Netlify, etc.), you'll need to switch to Cloudflare for the services we'll use here.</p> <h2> What is Plex? </h2> <p><strong>Plex</strong> is a <strong>media server</strong> application that allows you to organize, stream, and access your personal media library (movies, TV shows, music, photos, and videos) from anywhere. It functions as a <strong>media server</strong> installed on your computer or another compatible device, and a <strong>player</strong> that can be used on various devices such as smartphones, smart TVs, tablets, consoles, and browsers.</p> <p>In essence, Plex consolidates all media from a specific device (typically a server) and serves it to other devices on the same network that have the Plex app installed.</p> <h2> What is Cloudflare? </h2> <p><strong>Cloudflare</strong> is a company that offers a global network of services to improve the <strong>security, performance, and availability</strong> of websites, applications, and APIs. It acts as a <strong>CDN (Content Delivery Network)</strong> and a <strong>reverse proxy</strong>, protecting servers against attacks (e.g., DDoS) and speeding up page loading by caching content across multiple global locations.</p> <p>Additionally, Cloudflare provides services such as <strong>fast and secure DNS, firewalls, load balancing, API security, corporate VPNs, and Zero Trust solutions</strong>.</p> <h3> Cloudflare Tunnel </h3> <p>The <strong>Cloudflare Tunnel</strong> is a service that allows you to securely expose internal applications or servers to the internet without opening firewall ports or using a public IP. It creates an <strong>encrypted tunnel</strong> between your local network and Cloudflare's infrastructure.</p> <h3> Zero Trust </h3> <p><strong>Cloudflare Zero Trust</strong> is a security platform that implements the <strong>Zero Trust model</strong>, ensuring that no user, device, or network is automatically trusted. It protects access to internal applications, networks, and devices without relying on traditional VPNs.</p> <p>With <strong>Cloudflare Zero Trust</strong>, businesses can control <strong>who accesses their systems, from where, and under what conditions</strong>, ensuring maximum security.</p> <h2> Getting Started </h2> <p>Let's begin by installing <strong>Plex</strong> on the computer that will serve as your media server.</p> <h3> Step 1: Create a Plex Account </h3> <p>Visit <a href="https://watch.plex.tv/pt/live-tv" rel="noopener noreferrer">https://watch.plex.tv/pt/live-tv</a> and complete the sign-up process.</p> <h3> Step 2: Download the Media Server </h3> <p>Once you have access to your account, go to <a href="https://www.plex.tv/pt-br/media-server-downloads/" rel="noopener noreferrer">https://www.plex.tv/pt-br/media-server-downloads/</a> and download the <strong>Plex Media Server</strong>. After downloading, follow the installation steps as you would for any other Windows program.</p> <p>At this point, you'll have a Plex server running on your machine. After installation, Plex will likely redirect you to its dashboard. Here, you'll notice several options, such as <strong>Movies &amp; Shows</strong> and <strong>Live TV</strong>. Personally, I tend to hide these since I don't use them.</p> <h2> Plex Configuration </h2> <p>Before moving on to Cloudflare, there are a few things you should be aware of to ensure your media appears in Plex.</p> <h3> Adding Media Libraries </h3> <p>To add your media directories, go to <strong>Settings -&gt; Media Libraries -&gt; Add Library</strong>. Here, you can define the type of library (movies, TV shows, etc.) and select the desired folder path. Save your changes.</p> <p>If you don't see any movies or TV shows in Plex, there are two things you can check:</p> <h4> 1. Enable Automatic Media Scanning </h4> <p>Go to <strong>Settings -&gt; Libraries</strong>. You'll see two options: <strong>Scan my library automatically</strong> and <strong>Scan my library periodically</strong>. Enable both to ensure new media is detected and added to Plex.</p> <h4> 2. Folder Structure </h4> <p>Plex expects a specific folder structure to properly index and fetch metadata for your media.</p> <p>You can refer to Plex's official articles on organizing <a href="https://support.plex.tv/articles/naming-and-organizing-your-movie-media-files/" rel="noopener noreferrer">movies</a> and <a href="https://support.plex.tv/articles/naming-and-organizing-your-tv-show-files/" rel="noopener noreferrer">TV shows</a>. Below is a basic example:</p> <h5> Movies: </h5> <p>Pattern: <code>/Movies/MovieName (release year)/MovieName (release year).extension</code><br> Example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>/Movies /Avatar (2009) Avatar (2009).mkv /Batman Begins (2005) Batman Begins (2005).mp4 Batman Begins (2005).en.srt poster.jpg </code></pre> </div> <h5> Tv Shows: </h5> <p>Pattern: <code>/Series/SerieName (release year)/Season (season number)/S01E01 - Name.extension</code><br> Example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>/TV Shows /Doctor Who (1963) /Season 01 Doctor Who (1963) - s01e01 - An Unearthly Child (1).mp4 Doctor Who (1963) - s01e02 - The Cave of Skulls (2).mp4 /From the Earth to the Moon (1998) /Season 01 From the Earth to the Moon (1998) - s01e01.mp4 From the Earth to the Moon (1998) - s01e02.mp4 /Grey's Anatomy (2005) /Season 00 Grey's Anatomy (2005) - s00e01 - Straight to the Heart.mkv /Season 01 Grey's Anatomy (2005) - s01e01 - pt1.avi Grey's Anatomy (2005) - s01e01 - pt2.avi Grey's Anatomy (2005) - s01e02 - The First Cut is the Deepest.avi Grey's Anatomy (2005) - s01e03.mp4 /Season 02 Grey's Anatomy (2005) - s02e01-e03.avi Grey's Anatomy (2005) - s02e04.m4v /The Colbert Report (2005) /Season 08 The Colbert Report (2005) - 2011-11-15 - Elijah Wood.avi /The Office (UK) (2001) {tmdb-2996} /Season 01 The Office (UK) - s01e01 - Downsize.mp4 / The Office (US) (2005) {tvdb-73244} /Season 01 The Office (US) - s01e01 - Pilot.mkv </code></pre> </div> <h2> Cloudflare Setup </h2> <p>Now that your Plex server is running and your media is accessible on your local network, let's move on to exposing it to the internet using Cloudflare.</p> <h3> Step 1: Create a Cloudflare Account </h3> <p>Visit <a href="https://dash.cloudflare.com/login" rel="noopener noreferrer">https://dash.cloudflare.com/login</a> and complete the sign-up process. Once done, you'll be redirected to the Cloudflare dashboard. On the home screen, you'll be prompted to add and configure your domain's DNS settings with Cloudflare.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpnvg9ra69sr9v71rk3pc.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpnvg9ra69sr9v71rk3pc.png" alt="Cloudflare Dashboard" width="800" height="243"></a></p> <p>Follow the steps provided by Cloudflare to adjust your DNS settings.</p> <h3> Step 2: Zero Trust Dashboard </h3> <p>After configuring your domain, navigate to the <strong>Zero Trust Dashboard</strong> (accessible via the sidebar or directly at <a href="https://one.dash.cloudflare.com/" rel="noopener noreferrer">https://one.dash.cloudflare.com/</a>). On your first visit, you'll be asked to create a "team name." Remember this name, as we'll use it later for Google integration.</p> <p>Select the plan that suits your needs. For this guide, we'll use the <strong>free plan</strong>, which is sufficient for our purposes. Cloudflare will ask for a credit card, similar to other providers like AWS or DigitalOcean.</p> <h3> Step 3: Create a Tunnel </h3> <p>To configure the tunnel, follow these steps:</p> <ol> <li>In the sidebar, expand the <strong>Networks</strong> menu and click on <strong>Tunnels</strong>.</li> <li>Click <strong>Create Tunnel</strong>, give it a name, and follow the installation and activation steps for the <code>cloudflared</code> adapter.</li> <li>In <strong>Public Hostnames</strong>, specify a subdomain (e.g., <code>plex.mydomain.com</code>) and select your domain.</li> <li>Under <strong>Service</strong>, choose the <code>http</code> protocol and point it to your local Plex server at <code>localhost:32400</code>.</li> </ol> <p>If everything is set up correctly, the tunnel status will show as <strong>Healthy</strong>.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ft9xieg1gw9ehko221hhn.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ft9xieg1gw9ehko221hhn.png" alt="Tunnel Status" width="284" height="105"></a></p> <p>At this point, you can access your Plex server via the URL you specified. However, this leaves your server open to anyone, which is not ideal for privacy or performance. Let's secure it further.</p> <h2> Access Control with Zero Trust </h2> <p>To ensure only authorized users can access your Plex server, we'll use Cloudflare's <strong>Access</strong> feature.</p> <h3> Google Authentication (Optional) </h3> <p>If you want to integrate Google login, follow these steps:</p> <ol> <li><p>Visit the Google Cloud Platform console. Create a new project, name the project, and select <strong>Create</strong>.</p></li> <li><p>On the project home page, go to <strong>APIs &amp; Services</strong> on the sidebar and select <strong>Dashboard</strong>.</p></li> <li><p>On the sidebar, go to <strong>Credentials</strong> and select <strong>Configure Consent Screen</strong> at the top of the page.<a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fp392flwvch0r76tlghbp.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fp392flwvch0r76tlghbp.png" alt="enter image description here" width="800" height="337"></a></p></li> <li><p>Choose <code>External</code> as the User Type. Since this application is not being created in a Google Workspace account, any user with a Gmail address can login.</p></li> <li><p>Name the application, add a support email, and input contact fields. Google Cloud Platform requires an email in your account. <strong>Note:</strong> In the <strong>Scopes</strong> section, we recommend adding the <code>userinfo.email</code> scope. This is not required for the integration, but shows authenticating users what information is being gathered. You do not need to add test users.</p></li> <li><p>Return to the <strong>APIs &amp; Services</strong> page, select <strong>Create Credentials</strong> &gt; <strong>OAuth client ID</strong>, and name the application.<a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzdo2iyfzd6pjra2p4vkg.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzdo2iyfzd6pjra2p4vkg.png" alt="enter image description here" width="800" height="306"></a></p></li> <li> <p>Under <strong>Authorized JavaScript origins</strong>, in the <strong>URIs</strong> field, enter your team domain:<br> </p> <pre class="highlight plaintext"><code>https://&lt;your-team-name&gt;.cloudflareaccess.com </code></pre> <p>You can find your team name in Zero Trust under <strong>Settings</strong> &gt; <strong>Custom Pages</strong>.</p> </li> <li> <p>Under <strong>Authorized redirect URIs</strong>, in the <strong>URIs</strong> field, enter the following URL:<br> </p> <pre class="highlight plaintext"><code>https://&lt;your-team-name&gt;.cloudflareaccess.com/cdn-cgi/access/callback </code></pre> </li> <li><p>Google will present the OAuth Client ID and Secret values. The secret field functions like a password and should not be shared. Copy <strong>both values.</strong></p></li> </ol> <p>Next, go to the Zero Trust dashboard, navigate to <strong>Settings -&gt; Authentication</strong>, and add a new login method using the Google credentials you just created.</p> <h3> User Lists </h3> <p>Before creating access policies, let's create a list of pre-approved users:</p> <ol> <li>Go to <strong>My Team -&gt; Lists</strong> and click <strong>Create Manual List</strong>.</li> <li>Name the list (e.g., <code>Plex Users</code>), set the type to <strong>User Emails</strong>, and add the emails of authorized users.</li> </ol> <h3> Access Policies </h3> <p>We are in the final stage, and now we will create our <code>policies</code>, which are essentially the rules that users attempting to access the application must follow. In this step, we will create two policies. One to ensure that users listed in our previously created list have unrestricted access.</p> <h3> Creating the First Policy </h3> <ol> <li>Go to <code>access -&gt; policies</code> in the Zero Trust dashboard and click on <code>Create policy</code>.</li> <li>In this first <code>policy</code>, we will specify that any user who logs in with the email specified in the list created earlier will have free access. Choose a name that aligns with the policy (e.g., <code>pre-approved users</code>).</li> <li>In <code>Action</code>, select <code>Allow</code>, and the session duration is up to you.</li> <li>Under <code>Rules</code>, keep only one instruction of <code>Include</code>. In the selector, choose <code>Email List</code> (if you haven’t created the list, you can simply select <code>Emails</code>), and in the value field, choose your list.</li> </ol> <p>You can save and create a new policy.</p> <h3> Creating the Second Policy </h3> <ol> <li>For this new policy, specify a name related to requesting access.</li> <li>In <code>Action</code>, define <code>Allow</code>. </li> <li>Under <code>Rules</code>, add the selector <code>Login Methods</code>, and in the value, specify <code>Google</code> and <code>One-time Pin</code>. These methods may vary depending on your needs. If you haven't integrated with Google, you can select only the Pin.</li> <li>To ensure users not on our pre-approved lists can request access, check the <code>Purpose justification</code> checkbox. Optionally, provide a message for users to explain why they need access. Then, check the <code>Temporary authentication</code> checkbox and provide your email or the email of the person responsible for approving new user access. It is important to note that new users who go through this requested access stage cannot have indefinite access (usually, it allows access for up to 1 day). Therefore, I recommend that if you want to grant permanent access, add their email to the list we created earlier.</li> </ol> <p>After saving the policy, we can proceed to the final stage.</p> <h2> Final Steps: Creating the Application </h2> <p>To apply these policies to your Plex server:</p> <ol> <li>Go to <strong>Access -&gt; Applications</strong>.</li> <li>Click <strong>Add an Application</strong> and select <strong>Self-Hosted</strong>.</li> <li>Name your application and specify the same URL used in your tunnel.</li> <li>Under <strong>Access Policies</strong>, select the two policies you created, ensuring the pre-approved policy is evaluated first.</li> </ol> <h2> Conclusion </h2> <p>Congratulations! Your Plex server is now securely exposed to the internet, with controlled access to ensure only authorized users can stream your media. This setup combines the convenience of Plex with the robust security of Cloudflare, giving you peace of mind and a seamless streaming experience. Enjoy your media library from anywhere!</p> cloudflare plex Protecting sveltekit routes from unauthenticated users Thiago David Mon, 27 Nov 2023 21:17:59 +0000 https://dev.to/thiteago/protecting-sveltekit-routes-from-unauthenticated-users-nb9 https://dev.to/thiteago/protecting-sveltekit-routes-from-unauthenticated-users-nb9 <p>While developing a SvelteKit app, I found myself contemplating the intricacies of authentication, specifically regarding the proper storage of user session data and securing access to private routes. In my case, I was working with a Rails API handling user registration and authentication through Devise JWT. I opted not to use any ORMs (such as Prisma or Sequelize).</p> <p>As I delved into the available resources, I came across articles detailing route protection using cookies and hooks. However, adapting their code to meet my specific needs proved challenging. My requirements included integrating a Rails API for user management, avoiding the use of ORMs, and ensuring secure handling of sensitive data.</p> <p>In this article, I'll guide you through handling user session data and implementing routing protection in such a scenario.</p> <h2> Understanding HTTP Cookies </h2> <p>HTTP Cookies are familiar components for anyone who has traversed websites. Essentially, cookies are small files stored in browsers, typically containing information like authentication tokens or session data. To enhance security, we prefer not to store sensitive data directly in cookies. This concern led to the introduction of <strong>HTTPOnly Cookies</strong>, which ensures that the server receives the cookie with each specific request, while JavaScript remains unable to access it.</p> <h2> Unpacking SvelteKit Hooks </h2> <p>SvelteKit Hooks, according to the documentation, are app-wide functions that you declare, and SvelteKit calls them in response to specific events. This grants you fine-grained control over the framework's behavior. Leveraging hooks allows us to exercise control over each request passing through our application, enabling us to capture the pathname of the URL the user is attempting to access. This capability proves crucial for redirecting unauthenticated users.</p> <h2> Implementation Steps </h2> <p>Before diving into the implementation details, I assume you already have an external API application, like a Rails or Node.js server, up and running. This allows us to focus more on the SvelteKit implementation. Let's proceed by creating a new SvelteKit app using npm.</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> npm create svelte@latest sveltekit-auth <span class="nb">cd </span>sveltekit-auth npm <span class="nb">install</span> </code></pre> </div> <p>Now that we have the initial structure in place, let's create some basic forms for testing authentication. We'll create three new routes: signin, signup, and logout.</p> <p>on the signin and signup i will create two files.</p> <ul> <li>+page.svelte</li> <li>+page.server.js</li> </ul> <p>and on the logout i will only create one file, the <code>+page.server.js</code>.</p> <p>the structure it will be like that:</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3la9k3loz0sy5513iqtk.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3la9k3loz0sy5513iqtk.png" alt="file structure of the routes"></a></p> <p>Before delving into the code for these files, let's create a SvelteKit store to maintain user data in runtime memory. Inside the <code>src/lib</code> folder, create a store folder, and within it, a file named <code>user.js</code>.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwcavuq0k6f645dqi5ynq.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwcavuq0k6f645dqi5ynq.png" alt="file structure of the store folder"></a></p> <p>Inside <code>user.js</code>, add the following code:</p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="c1">// src/stores/user.js</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">writable</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">svelte/store</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="nf">writable</span><span class="p">({</span> <span class="na">email</span><span class="p">:</span> <span class="dl">""</span><span class="p">,</span> <span class="na">name</span><span class="p">:</span> <span class="dl">""</span><span class="p">,</span> <span class="p">})</span> </code></pre> </div> <p>This store provides a global object to access and manipulate user data.</p> <p>Next, let's create basic forms for signup and signin. These forms are simple for testing purposes and lack styling for simplicity.</p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code> <span class="c">&lt;!-- signup/+page.svelte --&gt;</span> <span class="nt">&lt;h1&gt;</span>This is the Signup page<span class="nt">&lt;/h1&gt;</span> <span class="nt">&lt;form</span> <span class="na">action=</span><span class="s">"/signup"</span> <span class="na">method=</span><span class="s">"POST"</span><span class="nt">&gt;</span> <span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"text"</span> <span class="na">name=</span><span class="s">"name"</span> <span class="na">placeholder=</span><span class="s">"Name"</span><span class="nt">&gt;</span> <span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"text"</span> <span class="na">name=</span><span class="s">"email"</span> <span class="na">placeholder=</span><span class="s">"email"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"password"</span> <span class="na">name=</span><span class="s">"password"</span> <span class="na">placeholder=</span><span class="s">"Password"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;button</span> <span class="na">type=</span><span class="s">"submit"</span><span class="nt">&gt;</span>Sign up<span class="nt">&lt;/button&gt;</span> <span class="nt">&lt;/form&gt;</span> </code></pre> </div> <p>signin page:</p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code> <span class="c">&lt;!-- signin/+page.svelte --&gt;</span> <span class="nt">&lt;h1&gt;</span>This is the signin page<span class="nt">&lt;/h1&gt;</span> <span class="nt">&lt;form</span> <span class="na">action=</span><span class="s">"/signin"</span> <span class="na">method=</span><span class="s">"POST"</span><span class="nt">&gt;</span> <span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"text"</span> <span class="na">name=</span><span class="s">"email"</span> <span class="na">placeholder=</span><span class="s">"email"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"password"</span> <span class="na">name=</span><span class="s">"password"</span> <span class="na">placeholder=</span><span class="s">"Password"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;button</span> <span class="na">type=</span><span class="s">"submit"</span><span class="nt">&gt;</span>Sign in<span class="nt">&lt;/button&gt;</span> <span class="nt">&lt;/form&gt;</span> </code></pre> </div> <p>Notice that we retained the initial +page.svelte in the root route (<a href="http://localhost:5173/" rel="noopener noreferrer">http://localhost:5173/</a>). Why? We'll treat it as a "private" page that doesn't accept access from unauthenticated users. In this file, we'll set up the following code:</p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code> <span class="c">&lt;!-- routes/+page.svelte --&gt;</span> <span class="nt">&lt;h1&gt;</span>This will be our protected page<span class="nt">&lt;/h1&gt;</span> <span class="nt">&lt;form</span> <span class="na">action=</span><span class="s">"/logout"</span> <span class="na">method=</span><span class="s">"post"</span><span class="nt">&gt;</span> <span class="nt">&lt;button&gt;</span>Logout<span class="nt">&lt;/button&gt;</span> <span class="nt">&lt;/form&gt;</span> </code></pre> </div> <p>Now, let's set up the server files for each route. For the signup route, create <code>+page.server.js</code>:</p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="c1">// signup/+page.server.js</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">user</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">$lib/stores/user.js</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">redirect</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@sveltejs/kit</span><span class="dl">'</span> <span class="c1">//create a new action called default passing the cookies, request and fetch as parameters</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">actions</span> <span class="o">=</span> <span class="p">{</span> <span class="na">default</span><span class="p">:</span> <span class="k">async </span><span class="p">({</span> <span class="nx">cookies</span><span class="p">,</span> <span class="nx">request</span><span class="p">,</span> <span class="nx">fetch</span><span class="p">})</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">//retrieve the form data from the request and set it to the variables</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">request</span><span class="p">.</span><span class="nf">formData</span><span class="p">()</span> <span class="kd">const</span> <span class="nx">email</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">email</span><span class="dl">'</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">password</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">password</span><span class="dl">'</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">name</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">name</span><span class="dl">'</span><span class="p">)</span> <span class="c1">//check if the variables are valid and if not, return an error</span> <span class="k">if </span><span class="p">(</span> <span class="k">typeof</span> <span class="nx">email</span> <span class="o">!==</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span> <span class="o">||</span> <span class="k">typeof</span> <span class="nx">password</span> <span class="o">!==</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span> <span class="o">||</span> <span class="o">!</span><span class="nx">email</span> <span class="o">||</span> <span class="o">!</span><span class="nx">password</span> <span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">400</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="p">{</span> <span class="na">success</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="c1">//send the data to the backend API (use your endpoint in this case)</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">'</span><span class="s1">http://localhost:3000/users</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">method</span><span class="p">:</span> <span class="dl">'</span><span class="s1">POST</span><span class="dl">'</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">Content-Type</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">application/json</span><span class="dl">'</span> <span class="p">},</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">user</span><span class="p">:</span> <span class="p">{</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span><span class="p">,</span> <span class="nx">name</span> <span class="p">}</span> <span class="p">})</span> <span class="p">})</span> <span class="c1">//if the response is ok, set the cookies and redirect to the homepage</span> <span class="k">if </span><span class="p">(</span><span class="nx">response</span><span class="p">.</span><span class="nx">ok</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">response</span><span class="p">.</span><span class="nf">json</span><span class="p">()</span> <span class="c1">//setting the cookies of user and jwt</span> <span class="nx">cookies</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">'</span><span class="s1">user</span><span class="dl">'</span><span class="p">,</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">data</span><span class="p">.</span><span class="nx">user</span><span class="p">))</span> <span class="nx">cookies</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">'</span><span class="s1">jwt</span><span class="dl">'</span><span class="p">,</span> <span class="nx">response</span><span class="p">.</span><span class="nx">headers</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">Authorization</span><span class="dl">'</span><span class="p">))</span> <span class="kd">let</span> <span class="nx">obj</span> <span class="o">=</span> <span class="p">{</span> <span class="p">...</span><span class="nx">data</span><span class="p">,</span> <span class="na">jwt</span><span class="p">:</span> <span class="nx">response</span><span class="p">.</span><span class="nx">headers</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">Authorization</span><span class="dl">'</span><span class="p">)</span> <span class="p">}</span> <span class="nx">user</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="nx">obj</span><span class="p">)</span> <span class="c1">//redirect user to the protected page</span> <span class="k">throw</span> <span class="nf">redirect</span><span class="p">(</span><span class="mi">302</span><span class="p">,</span> <span class="dl">'</span><span class="s1">/</span><span class="dl">'</span><span class="p">)</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="c1">//if the response is not ok, return the errors</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">errors</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">response</span><span class="p">.</span><span class="nf">json</span><span class="p">()</span> <span class="k">return</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">400</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="p">{</span> <span class="na">success</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="nx">errors</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>For the signin route, create <code>+page.server.js</code>:</p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="c1">// signin/+page.server.js</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">user</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">$lib/stores/user.js</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">redirect</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@sveltejs/kit</span><span class="dl">'</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">actions</span> <span class="o">=</span> <span class="p">{</span> <span class="na">default</span><span class="p">:</span> <span class="k">async </span><span class="p">({</span> <span class="nx">cookies</span><span class="p">,</span> <span class="nx">request</span><span class="p">,</span> <span class="nx">fetch</span><span class="p">})</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">request</span><span class="p">.</span><span class="nf">formData</span><span class="p">()</span> <span class="kd">const</span> <span class="nx">email</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">email</span><span class="dl">'</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">password</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">password</span><span class="dl">'</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span> <span class="k">typeof</span> <span class="nx">email</span> <span class="o">!==</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span> <span class="o">||</span> <span class="k">typeof</span> <span class="nx">password</span> <span class="o">!==</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span> <span class="o">||</span> <span class="o">!</span><span class="nx">email</span> <span class="o">||</span> <span class="o">!</span><span class="nx">password</span> <span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">400</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="p">{</span> <span class="na">success</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">'</span><span class="s1">http://localhost:3000/users/sign_in</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">method</span><span class="p">:</span> <span class="dl">'</span><span class="s1">POST</span><span class="dl">'</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">Content-Type</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">application/json</span><span class="dl">'</span> <span class="p">},</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">user</span><span class="p">:</span> <span class="p">{</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span> <span class="p">}</span> <span class="p">})</span> <span class="p">})</span> <span class="k">if </span><span class="p">(</span><span class="nx">response</span><span class="p">.</span><span class="nx">ok</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">response</span><span class="p">.</span><span class="nf">json</span><span class="p">()</span> <span class="nx">cookies</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">'</span><span class="s1">user</span><span class="dl">'</span><span class="p">,</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">data</span><span class="p">.</span><span class="nx">user</span><span class="p">))</span> <span class="nx">cookies</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">'</span><span class="s1">jwt</span><span class="dl">'</span><span class="p">,</span> <span class="nx">response</span><span class="p">.</span><span class="nx">headers</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">Authorization</span><span class="dl">'</span><span class="p">))</span> <span class="kd">let</span> <span class="nx">obj</span> <span class="o">=</span> <span class="p">{</span> <span class="p">...</span><span class="nx">data</span><span class="p">,</span> <span class="na">jwt</span><span class="p">:</span> <span class="nx">response</span><span class="p">.</span><span class="nx">headers</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">Authorization</span><span class="dl">'</span><span class="p">)</span> <span class="p">}</span> <span class="nx">user</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="nx">obj</span><span class="p">)</span> <span class="k">throw</span> <span class="nf">redirect</span><span class="p">(</span><span class="mi">302</span><span class="p">,</span> <span class="dl">'</span><span class="s1">/</span><span class="dl">'</span><span class="p">)</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">errors</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">response</span><span class="p">.</span><span class="nf">json</span><span class="p">()</span> <span class="k">return</span> <span class="p">{</span> <span class="na">status</span><span class="p">:</span> <span class="mi">400</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="p">{</span> <span class="na">success</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="nx">errors</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Finally, for the logout route, create <code>+page.server.js</code>:</p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="c1">// logout/+page.server.js</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">redirect</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@sveltejs/kit</span><span class="dl">'</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">actions</span> <span class="o">=</span> <span class="p">{</span> <span class="na">default</span><span class="p">:</span> <span class="k">async </span><span class="p">({</span> <span class="nx">cookies</span><span class="p">})</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">//set the cookies to null and redirect</span> <span class="nx">cookies</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">'</span><span class="s1">user</span><span class="dl">'</span><span class="p">,</span> <span class="kc">null</span><span class="p">)</span> <span class="k">throw</span> <span class="nf">redirect</span><span class="p">(</span><span class="mi">302</span><span class="p">,</span> <span class="dl">'</span><span class="s1">/</span><span class="dl">'</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Now, let's implement the hook. Create a new file, <code>hooks.server.js</code>, in the src folder.</p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="c1">// src/+hooks.server.js</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">redirect</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@sveltejs/kit</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// define the routes of we want to be possible to access without auth</span> <span class="kd">const</span> <span class="nx">public_paths</span> <span class="o">=</span> <span class="p">[</span> <span class="dl">'</span><span class="s1">/signup</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">/signin</span><span class="dl">'</span> <span class="p">];</span> <span class="c1">// function to verify if the request path is inside the public_paths array</span> <span class="kd">function</span> <span class="nf">isPathAllowed</span><span class="p">(</span><span class="nx">path</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">public_paths</span><span class="p">.</span><span class="nf">some</span><span class="p">(</span><span class="nx">allowedPath</span> <span class="o">=&gt;</span> <span class="nx">path</span> <span class="o">===</span> <span class="nx">allowedPath</span> <span class="o">||</span> <span class="nx">path</span><span class="p">.</span><span class="nf">startsWith</span><span class="p">(</span><span class="nx">allowedPath</span> <span class="o">+</span> <span class="dl">'</span><span class="s1">/</span><span class="dl">'</span><span class="p">)</span> <span class="p">);</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">handle</span> <span class="o">=</span> <span class="k">async </span><span class="p">({</span> <span class="nx">event</span><span class="p">,</span> <span class="nx">resolve</span><span class="p">})</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">let</span> <span class="nx">user</span> <span class="o">=</span> <span class="kc">null</span> <span class="c1">// check if the cookie exist, and if exists, parse it to the user variable</span> <span class="k">if</span><span class="p">(</span><span class="nx">event</span><span class="p">.</span><span class="nx">cookies</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">user</span><span class="dl">'</span><span class="p">)</span> <span class="o">!=</span> <span class="kc">undefined</span> <span class="o">&amp;&amp;</span> <span class="nx">event</span><span class="p">.</span><span class="nx">cookies</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">user</span><span class="dl">'</span><span class="p">)</span> <span class="o">!=</span> <span class="kc">null</span><span class="p">){</span> <span class="nx">user</span> <span class="o">=</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">parse</span><span class="p">(</span><span class="nx">event</span><span class="p">.</span><span class="nx">cookies</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">user</span><span class="dl">'</span><span class="p">))</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">url</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">URL</span><span class="p">(</span><span class="nx">event</span><span class="p">.</span><span class="nx">request</span><span class="p">.</span><span class="nx">url</span><span class="p">);</span> <span class="c1">// validate the user existence and if the path is acceesible</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">user</span> <span class="o">&amp;&amp;</span> <span class="o">!</span><span class="nf">isPathAllowed</span><span class="p">(</span><span class="nx">url</span><span class="p">.</span><span class="nx">pathname</span><span class="p">))</span> <span class="p">{</span> <span class="k">throw</span> <span class="nf">redirect</span><span class="p">(</span><span class="mi">302</span><span class="p">,</span> <span class="dl">'</span><span class="s1">/signin</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="k">if</span><span class="p">(</span><span class="nx">user</span><span class="p">){</span> <span class="c1">//set the user to the locals (i explain this later on the article)</span> <span class="nx">event</span><span class="p">.</span><span class="nx">locals</span><span class="p">.</span><span class="nx">user</span> <span class="o">=</span> <span class="nx">user</span> <span class="c1">// redirect user if he is already logged if he try to access signin or signup</span> <span class="k">if</span><span class="p">(</span><span class="nx">url</span><span class="p">.</span><span class="nx">pathname</span> <span class="o">==</span> <span class="dl">'</span><span class="s1">/signup</span><span class="dl">'</span> <span class="o">||</span> <span class="nx">url</span><span class="p">.</span><span class="nx">pathname</span> <span class="o">==</span> <span class="dl">'</span><span class="s1">/signin</span><span class="dl">'</span><span class="p">){</span> <span class="k">throw</span> <span class="nf">redirect</span><span class="p">(</span><span class="mi">302</span><span class="p">,</span> <span class="dl">'</span><span class="s1">/</span><span class="dl">'</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">resolve</span><span class="p">(</span><span class="nx">event</span><span class="p">)</span> <span class="k">return</span> <span class="nx">response</span> <span class="p">}</span> </code></pre> </div> <p>This hook captures every request passing through the application. Using the handle function, we access the cookies set previously, determine whether the user should be redirected, and set the user store again. Note the use of event.locals to pass user data through server-side functions with the request.</p> <p>On the <code>routes</code> folder, create the follow files</p> <ul> <li>+layout.svelte</li> <li>+layout.server.js</li> </ul> <p>on the <code>+layout.svelte</code> set the code:</p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="c">&lt;!--</span> <span class="nx">routes</span><span class="o">/+</span><span class="nx">layout</span><span class="p">.</span><span class="nx">svelte</span> <span class="o">--&gt;</span> <span class="o">&lt;</span><span class="nx">script</span><span class="o">&gt;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">user</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">$lib/stores/user.js</span><span class="dl">'</span> <span class="k">export</span> <span class="kd">let</span> <span class="nx">data</span> <span class="nx">$user</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">user</span> <span class="o">&lt;</span><span class="sr">/script</span><span class="err">&gt; </span><span class="c">&lt;!--</span> <span class="nx">i</span> <span class="nx">will</span> <span class="nx">put</span> <span class="nx">that</span> <span class="k">for</span> <span class="nx">it</span> <span class="nx">can</span> <span class="nx">be</span> <span class="nx">possible</span> <span class="nx">to</span> <span class="nx">see</span> <span class="nx">the</span> <span class="nx">user</span> <span class="nx">data</span> <span class="nx">consistance</span> <span class="o">--&gt;</span> <span class="o">&lt;</span><span class="nx">h1</span><span class="o">&gt;</span><span class="nx">User</span> <span class="nx">info</span> <span class="p">:</span><span class="o">&lt;</span><span class="sr">/h1</span><span class="err">&gt; </span><span class="o">&lt;</span><span class="nx">pre</span><span class="o">&gt;</span><span class="p">{</span><span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">(</span><span class="nx">$user</span><span class="p">,</span> <span class="kc">null</span><span class="p">,</span> <span class="mi">2</span><span class="p">)}</span><span class="o">&lt;</span><span class="sr">/pre</span><span class="err">&gt; </span><span class="o">&lt;</span><span class="nx">slot</span> <span class="o">/&gt;</span> </code></pre> </div> <p>and the last one, the <code>+layout.server.js</code>:</p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="c1">// routes/+layout.server.js</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">load</span> <span class="o">=</span> <span class="k">async </span><span class="p">({</span> <span class="nx">locals</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">user</span><span class="p">:</span> <span class="nx">locals</span><span class="p">.</span><span class="nx">user</span><span class="p">,</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Now, you can test the implementation. Attempting to access the protected route (/) without signing in will redirect you to the signin page.</p> <h2> Conclusion </h2> <p>In this article, I aimed to simplify the understanding of authentication flow and the use of hooks in SvelteKit. Having encountered some difficulties myself in grasping these features, I hope this guide proves helpful for your understanding as well.</p> sveltekit webdev programming tutorial