The @authdog/sveltekit SDK integrates Authdog with SvelteKit: a handle hook that resolves the session for every request, a server client for load functions, and a client bootstrap. It reads the session Authdog issues.
Install
npm install @authdog/sveltekitRequires @sveltejs/kit ^2. Expose your publishable key as PUBLIC_AUTHDOG_PUBLIC_KEY (SvelteKit's PUBLIC_ prefix makes it readable via import.meta.env).
Add the handle hook
createAuthdogHandle populates event.locals.authdog on every request:
// src/hooks.server.ts
import { createAuthdogHandle } from "@authdog/sveltekit/server"
export const handle = createAuthdogHandle({
publicKey: import.meta.env.PUBLIC_AUTHDOG_PUBLIC_KEY,
})Read the user in a load function
createAuthdogServer verifies the session on the server — the enforcement point:
// src/routes/profile/+page.server.ts
import { createAuthdogServer } from "@authdog/sveltekit/server"
const authdog = createAuthdogServer({
publicKey: import.meta.env.PUBLIC_AUTHDOG_PUBLIC_KEY,
})
export const load = async ({ request, locals }) => {
const user = locals.authdog.isAuthenticated
? await authdog.getUser(request).catch(() => null)
: null
return { user: user?.user ?? null }
}The server instance also exposes getSession(request) and logout(request). The default session cookie is authdog-session.
Client bootstrap
Run initAuthdog() once on mount to consume the ?token= from the sign-in redirect and persist the session; clearAuthdogToken() signs out:
<!-- src/routes/+layout.svelte -->
<script>
import { onMount } from "svelte"
import { initAuthdog } from "@authdog/sveltekit/client"
onMount(() => initAuthdog())
</script>Pair the server session check with your authorization model to decide what a user may do.
Next steps
- Sign up & sign in — the flows behind the redirect.
- Backend requests — the verification model, in depth.