Fastify

Authentication for Fastify

A tiny, high-performance plugin that validates Authdog sessions on every request and gives you an idiomatic request.authdog context plus a requireAuth guard.

Start building Read the docs

server.ts

// server.ts
import { authdogPlugin } from "@authdog/fastify"
 
await app.register(authdogPlugin, {
  publicKey: process.env.AUTHDOG_PK!,
})

A plugin, not a framework

Everything Fastify APIs need

A drop-in plugin, a requireAuth guard, and a typed request context — with no assumptions about your stack.

Drop-in plugin

app.register(authdogPlugin, { publicKey }) decorates every request with an idiomatic request.authdog context — token, user, and isAuthenticated.

requireAuth guard

Gate any route with app.authdog.requireAuth as a preHandler — the real enforcement point, since request.authdog itself is informational.

Secure by default

The public key and its identity host are validated once at registration, and tokens are only trusted after the identity host confirms them.

Parses cookies itself

The plugin reads the authdog-session cookie or a Bearer header on its own — @fastify/cookie isn't required to get started.

High performance

A tiny plugin with an option to skip the per-request userinfo call when you validate tokens elsewhere.

Fully typed

request.authdog and app.authdog are typed via module augmentation, so the session context and guard come with full autocomplete.

Gate routes with a preHandler

Protect a route with requireAuth

Add app.authdog.requireAuth as a route's preHandler and Authdog rejects unauthenticated requests before your handler runs. Inside, request.authdog gives you the verified user — typed via module augmentation.

routes.ts

// routes.ts
app.get("/me", {
  preHandler: app.authdog.requireAuth,
}, async (request) => request.authdog!.user
)

Ship fast, secure APIs

Authdog's Fastify plugin validates sessions on every request and enforces auth at a single guard, with secure defaults at registration.

1 register

To add auth to every route

requireAuth

The single enforcement point

Add app.authdog.requireAuth as a preHandler and unauthenticated requests are rejected before your handler runs.

Extra cookie dependencies

The plugin parses cookies itself, so you don't need @fastify/cookie to read the session.

Add auth to your Fastify API.

Install the SDK, register the plugin, and gate your routes with requireAuth today. Free to start, with secure defaults built in.

Start Building