
I just got into Appwrite, it's awesome!
I'm doing authentication for my SvelteKit app and I have managed to create login and register, but when I want to create the protected routes - I'm not sure how to do it.
Is it secure to handle protected routes inside page.ts files on the client?
export const load = async ({ parent }) => {
const { account } = await parent();
if (account.loggedin) {
throw redirect(303, "/auth");
}
}
Or how should I redirect the user if they aren't authed?

Is it secure to handle protected routes inside page.ts files on the client?
Regarding this, if the page contains data generated by user, for example, that is not accessible by everyone without proper permissions, then, I think it will not matter at all if the redirect is being performed client side.
However if it's a website that contains a route that is (for example) under a paywall or limited access to specific content without being registered or paid (for example: a members-only article or a website with paid courses), then you will need to perform this server sided and prevent returning any content prior to checking if the user has an active account

Yeah, it is the option two - the content should only be visible to certain users

I tried to find any server side documentation but I can't find anything on how to do things on the server

Regarding the seccond question on how to check if the user is authenticated or not, you can check it with:
account.get();
If it throws error, that means there is not an active or valid session (so user is not logged it). Full example:
const account = new account(client);
try{
account.get();
//The code in those lines will be executed if the user is logged in so you can redirect here, trigger a function, set a variable, etc.
} catch (error) {
console.error(error);
//Here you redirect to login or something else if user since the error will mean that there is not any active session
}

Is this helpful for you?

But this is on the clientside right?

I want to get it to the server, to the +page.server.ts files etc
Recommended threads
- Appwrite Fra Cloud Custom Domains Issue
I’m trying to configure my custom domain appwrite.qnarweb.com (CNAME pointing to fra.cloud.appwrite.io with Cloudflare proxy disabled) but encountering a TLS ce...
- Appwrite service :: getCurrentUser :: Us...
Getting this error while creating a react app can someone please help me solve the error
- Storage & Database is not allowing.
Storage & Database is not allowing to CRUD after i have logged in ? Using web SDK with next.js without any SSR or node-sdk.
