Remix

Authentication that fits Remix

Add login and route protection using the primitives Remix already gives you — loaders, actions, and cookie sessions. Authdog slots into the web-fundamentals model instead of replacing it.

Start building Read the docs

Guard a loader

app/routes/dashboard.tsx

// app/routes/dashboard.tsx
import { requireUser } from "@authdog/remix"
 
export async function loader({ request }) {
  const user = await requireUser(request)
  return json({ user })
}

Web fundamentals, not magic

Everything Remix apps need

Auth that works with loaders, actions, and progressive enhancement — the way the framework was designed.

Loaders & actions

Protect a route by calling requireUser() in its loader, and run logins from an action. Auth lives where your data does — on the server.

Cookie session storage

Sessions ride Remix's own cookie session storage with secure, signed, HTTP-only cookies — no extra client state to manage.

Nested routes

Enforce auth at any level of your nested route tree. Parent loaders gate whole sections while child routes inherit the verified user.

Progressive enhancement

Login and logout work as plain HTML form posts, so they keep working before JavaScript loads — exactly the way Remix intends.

Automatic token refresh

Tokens are refreshed transparently inside your loaders. Expired sessions renew without an extra round trip you have to write.

Typed SDK

A fully typed SDK gives you autocomplete for the user, claims, and roles returned to your loaders and actions.

Auth in your loaders

Log in with an action

Drive logins from a Remix action and let the authenticator handle the redirect and cookie session. Because it's a plain form post, it works before JavaScript loads — and your loaders get a verified user on the very next request.

app/routes/login.tsx

// app/routes/login.tsx
import { authenticator } from "@authdog/remix"
 
export async function action({ request }) {
  return authenticator.login(request, {
    successRedirect: "/dashboard",
  })
}

Auth without the boilerplate

Authdog leans on Remix's own session and data model, so protecting a route is one call and login is a single action.

1 line

To protect a route loader

A single requireUser(request) call gates a route and hands your loader a verified user — no middleware indirection.

100%

Works without client JavaScript

Auth flows are form posts handled by actions, so login and logout keep working with JS disabled or still loading.

Tokens exposed to the browser

Sessions stay in signed, HTTP-only cookies read only on the server — nothing for client code to read or leak.

Add auth to your Remix app.

Install the SDK, wire up your session storage, and protect your loaders today. Free to start, with secure defaults built in.

Start Building