search

delay / sveltekit-auth-starter

This is a Sveltekit auth starter project. It utilizes Lucia for authentication, Skeleton for ui elements, Prisma for database connectivity and type safety, Lucide for icons, inlang for translation, Zod and Superforms to handle forms and validation and Sveltekit.
https://sveltekit-auth-starter.vercel.app
MIT License
221 stars 31 forks source link

Is auth working as expected (hooks.server.ts)? #3

Closed RobinMaas95 closed 1 year ago

RobinMaas95 commented 1 year ago

Hey, first of all, awesome project and a good starting point for any new sveltekit developer! Right now I'm trying to wrap my head around auth in sveltekit so this repo is a great help for me. While trying to understand your code I came across the hooks.server.ts file, where you check if the called url starts with "/auth".

if (event.request.url.startsWith('/auth')) {
    return resolve(event);
}

The problem is, that event.request.url returns - at least on localhost - the complete url (e.g. 'http://localhost:5173/auth/sign-in'). I think its clear that this condition will never be true, so the auth check will always run. I guess what you want is to use event.url.pathname which return only the path (e.g. '/auth/sign-in'). In this case, the condition is true when a /auth route is called.

But inside of sign-in/+page.server.ts the load function actually tries to access event.locals.auth which is not set if the condition in hooks.server.ts works as I think expected. So we get a internal server error.

So my question is, is this a bug? Or what is the idea behind the if block inside hooks.server.ts?

delay commented 1 year ago

You are right. It isn't really needed and causes a bug in that page. Thanks for pointing this out. This is some leftover code I forgot to remove when I was going to handle the hook in a different way. I just updated the code. Anyway thanks so much for pointing this out!