Skip to content
Vladimir Chavkov

SvelteKit API & Authentication Training

Build secure, data-driven applications with this focused 2-day training on SvelteKit server-side capabilities. Master server routes, hooks, authentication patterns, and database integration to create robust full-stack applications with proper access control.

Training Details

Section titled “Training Details”
Duration2 days (16 hours)
LevelIntermediate
DeliveryIn-person, Live online, Hybrid
CertificationN/A

Who Is This For?

Section titled “Who Is This For?”
  • Full-stack developers building authenticated SvelteKit applications
  • Backend developers integrating with SvelteKit server routes
  • Teams implementing user authentication and authorization
  • Developers connecting SvelteKit to databases and external APIs

Learning Outcomes

Section titled “Learning Outcomes”

After completing this training, you’ll be able to:

  • Build RESTful API endpoints with SvelteKit server routes
  • Implement authentication flows including OAuth, session-based, and JWT
  • Use hooks for middleware patterns, guards, and request processing
  • Integrate databases using Prisma or Drizzle ORM
  • Protect routes and API endpoints with authorization checks
  • Handle errors, validation, and security best practices

Detailed Agenda

Section titled “Detailed Agenda”

Day 1: Server Routes and API Design

Section titled “Day 1: Server Routes and API Design”

Module 1: SvelteKit Server Routes

  • +server.ts files and HTTP method handlers
  • Request parsing: headers, params, body, cookies
  • Response construction and streaming
  • Error handling with error() and json()
  • Hands-on: Build a complete REST API

Module 2: Hooks and Middleware

  • The handle hook for request interception
  • handleFetch for outgoing request modification
  • handleError for centralized error handling
  • Sequencing hooks and composing middleware
  • Hands-on: Implement rate limiting and request logging

Module 3: Database Integration

  • Prisma setup and schema design with SvelteKit
  • Drizzle ORM as a lightweight alternative
  • Database connection management and pooling
  • Migrations and seeding strategies
  • Hands-on: Connect and query a PostgreSQL database

Day 2: Authentication and Authorization

Section titled “Day 2: Authentication and Authorization”

Module 4: Session-Based Authentication

  • Cookie-based sessions with secure defaults
  • Login, logout, and registration flows
  • Password hashing with bcrypt and Argon2
  • Session storage and expiration management
  • Hands-on: Build email/password authentication

Module 5: OAuth and Social Login

  • OAuth 2.0 flow with SvelteKit
  • GitHub, Google, and custom OAuth providers
  • Token exchange and profile fetching
  • Linking multiple providers to one account
  • Hands-on: Implement GitHub OAuth login

Module 6: Authorization and Security

  • Route protection with hooks and load functions
  • Role-based and permission-based access control
  • CSRF protection and security headers
  • Input validation and sanitization
  • Hands-on: Build a role-based admin dashboard

Prerequisites

Section titled “Prerequisites”
  • SvelteKit fundamentals (routing, load functions, form actions)
  • Basic understanding of HTTP, cookies, and authentication concepts
  • Familiarity with SQL databases
  • JavaScript/TypeScript proficiency

Delivery Formats

Section titled “Delivery Formats”
FormatDescription
In-PersonOn-site at your company’s location, hands-on with direct interaction
Live OnlineInteractive virtual sessions with screen sharing and real-time labs
HybridCombination of on-site and remote sessions, flexible scheduling

All formats include hands-on labs, course materials, authentication starter kits, and post-training support.