This example shows how to use Arcjet to protect SvelteKit apps.
-
From the root of the project, install the SDK dependencies.
npm ci
-
Enter this directory and install the example's dependencies.
cd examples/sveltekit npm ci -
Rename
.env.exampleto.envand add your Arcjet key. -
Start the server.
npm run dev
-
Visit
http://localhost:5173/in a browser and follow the links to test the various examples. -
Test shield by making this request:
curl -v -H "x-arcjet-suspicious: true" http://localhost:5173
The arcjet instance is created in the server-only module /src/lib/server/arcjet.ts and is configured to enable Shield.
/src/hooks.server.ts imports the arcjet instance and runs the protect() method on all requests. The only exception is any requests who's pathanme is listed in filteredRoutes, in which case protection is left to that route's server code.
The rate-limited page has a server-side script file at /src/routes/rate-limited/+page.server.ts, which imports the arcjet instance, and then applies extra rate-limiting rules before calling the protect() method.
Finally, the rate-limited API end-point performs the same augmentation of the rules as the rate-limted web page, as can be seen in /src/routes/api/rate-limited/+server.ts.