TL; DR; This is the correct behaviour. Write to client session storage whenever it changes.
As per documentation, getSession runs only when the page is rendered on the server. If this initial state is changing on the front-end you need to make sure the changes are reflected in the store.
To quote the docs once again:
session is a writable store whose initial value is whatever was returned from getSession. It can be written to, but this will not cause changes to persist on the server — this is something you must implement yourself.
While my SPA has several pages in /src/routes, only /src/routes/index.svelte appears to trigger getSession() in hooks (guessing it's because client side routing has taken over). If it's a user's first visit to the site (no session id in a cookie to lookup in handle() so request.locals.user doesn't get populated), getSession() doesn't seem to have much value.
What I've been doing in my /login endpoint (github.com/nstuyvesant/sveltekit-a...) is putting the user in the body of the endpoint response then doing a session.set({ user: fromEndpoint.user }) on the client in the login() method that called the endpoint.
As all the examples of authentication using SvelteKit made use of getSession(), I thought I was doing something wrong.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
TL; DR; This is the correct behaviour. Write to client session storage whenever it changes.
As per documentation,
getSession
runs only when the page is rendered on the server. If this initial state is changing on the front-end you need to make sure the changes are reflected in the store.To quote the docs once again:
While my SPA has several pages in /src/routes, only /src/routes/index.svelte appears to trigger getSession() in hooks (guessing it's because client side routing has taken over). If it's a user's first visit to the site (no session id in a cookie to lookup in handle() so request.locals.user doesn't get populated), getSession() doesn't seem to have much value.
What I've been doing in my /login endpoint (github.com/nstuyvesant/sveltekit-a...) is putting the user in the body of the endpoint response then doing a
session.set({ user: fromEndpoint.user })
on the client in the login() method that called the endpoint.As all the examples of authentication using SvelteKit made use of getSession(), I thought I was doing something wrong.