GoLang & SvelteKit Custom Auth, it's Easier than you Think... (FULL EXAMPLE & SOURCE CODE PROVIDED) 

Ben, thank you for all that you do for us. I hope you realize this RU-vid channel is great for your resume. It shows your ability to understand and teach concepts and shows your willingness to help others.

Some notes from the vid, 1. You can through a `use:enhance` action on form for progressive enhancement 2. In your sign in route action you should use the fetch provided by sveltekit. It is available on the event just like request, params and etc so you could do {request, fetch} in your default action to destructure event. 3. Akin to fetch you also have a setHeaders function that can be destructred from event as well

Dude you are so right on time, the community needs stuff like this to move us all forward! So refreshing. Thank you for doing Sveltekit and Go. I'm all in on Sveltekit and learning Go to switch away from all TS/JS.

Great video Ben. Glad I found your channel. I’ve been working on my personal portfolio lately with the hope of applying for (and getting) a web dev job soon. I tried using NextAuth (because of T3) and hated it. I really prefered writing my own custom auth. It gives me better understanding and better control of what I’m doing. I even started writing a separate auth backend in Rust that I hope to use in a project soon and this video has helped me understand how to connect everything better, even though you used Go and Sveltekit.

Pure genius. I like how you handled the session between the frontend and 2 backends

Great video! Svelte + GO is a match made in heaven

Thank you! You inspired me to use the Go Fiber+SvelteKit bundle. I'm following your ideas.

i just found this man finally SvelteKit and go content

If go with Go, I would choose PocketBase (still in developing stage) or stay with SvelteKit and Prisma for database ORM. Great content anyway. Thanks Ben

Golang and Svelte are perfect match, i love it

Awesome video! Thank you and I really appreciate the time you put into this helping people understand these concepts easier.

Great video. Glad you're not importing the PageData type in the +page.svelte because the svelte extension automagically infers the page date variable.

You can expose your golang backend as a binary and execute directly inside your SvelteKit server, that way you eliminate the extra HTTP roundtrip. Your app will run like the older CGI servers

It is fantastic experience to replace from asp, mssql to sveltekit, golang, mongodb. So so so so faster than asp. How fast! Unbelievable!

Kotlin multiplatform no tradeoffs, full cross platform, true native development, Jetpack Compose (similar to react) Multiplatform, coroutines, and solid ecosystem.

I am currently using Nuxt + Node, Sveltkit + Go seems to be a good stack as well, thinking of learning Go as a more powerful backend, and using node to small things.

Love this, great work. I really don’t like the Svelte backend though, feels unnecessary given you could do all of that work on Go that would be quicker & faster. Love the thought that went into the Auth though, eg it could work for a mobile app too 👌

Solid video, thanks for the source code.

Easiest way to create Json from formData is const a = Object.fromEntries(await request.formData())

Thoughts on GoTrue? Or did you discuss that in your JWT video. That’s what SupaBase uses underneath the hood

Nice video. I love your stack. I am kind of doing this right now. But a sveltekit superforms is a thing I wanna recommend here.

Nice video, also argon is preferred over bcrypt according to OWASP

@bmdavis419 What're the pros and cons if removing the Go Fiber immediate api layer? Use SvelteKit Server Actions or Server Side API to handle the db connection for auth and data storing?

🔥

thanks, ive spent months hitting my head, because everyone says you shouldn't implement your own authentication, but after doing it myself i didn't understand what i was missing.. all these people on all these forums are complete snobs and offer no alternative or helpful answers they just say no your stupid, do it this silly way with tons of extra overhead and over complexity edit: also why are u hosting 2 backends? u seem to be posting the svelte client data to the svelte api, then posting the data from the svelte api to the golang api..? why not just send it directly to go

Awesome video 🎉 Which app are you using for your annotations by the way?

Hi Ben love your videos! Can you perhaps steelman the case for using redis as your primary db? Thanks a lot and all the best!

Please a full course for a blog app with go , fiber and mongo db

use sequence diagram to explain flow of a request

My Stack Golang + Sveltekit + TailwindCSS + Keycloak + Postgres + Redis

2 of my favorite language! XD

HTML allows me to do server-side rendering. I don't need meta-framework for that:)

Question, wouldn't be safer to hash the password before sending it from sveltekit's "backend" to the go backend?

is SvelteKit BE in fact a BFF (the backend for the SvelteKit FE)?

hey ben! can you do a video about clean architecture in go?

super nice orm is ent

Why use Redis when you can use SQLite which will be even faster?

Couldn't you do all the cookie stuff in go and avoid having a second backend that seems to be only acting as a http client ?

Ben, based on your XP, what would you recommend as a Golang BE framework? Fiber or what?

Great video! but why await JSON.stringify()

I'm pretty sure (though only now am I questioning it) that sending a Bearer token is only need for making authenticated REQUESTS. They are not required for the http RESPONSE. You could have just sent it as part of the JSON response. Then no need to strip the "Bearer" part of it.

what is the name of the application where you are drawing stuff to explain us. I am in need of this, to plan my project and make system designs

Why do u add Bearer to the session id string?

How to include auth2 in this story?

Why don't you use an Open Source authentication and user management tool (such as Keycloak, SuperTokens). They do the same think sort of and are backed by the open source community and great developers. An increasing number of small tech companies that want a single IAM (Identity and Access Management) platform rely on open source software that can be hosted on their VMs and use their existing Databases... I worked in a startup that our IAM was built on Keycloak and all services afterwards were created in different realms in order to separate concerns. However, in my PoC that I built I had some issues with the JS Keycloak wrapper, forcing me to built my PaaS with SuperTokens. Great video nevertheless!

16:25 const body = JSON.stringify(Object.fromEntries(formData)); 19:45 set compilerOptions.noImplicitAny or compilerOptions.strict to false in tsconfig.json; or write it as "...async (event: any) => ..."

Ben, what's the name of that software that you use to draw diagrams?

Provider is always better because you have someone to blame if something goes wrong.

7:25 hey what is this board app?

What's the point of creating another backend in Go if you already have a backend from Sveltekit? It's not possible to connect to databases from Sveltekit?

I feel like auth0 is gone down hill

I still don't understand why are you using Sveltekit instead of doing everything with Go.

Sveltekit is great, but the auth story is sorely lacking :(

too much talk