Session Management
How Kavach handles user sessions with cookie-based storage.
How It Works
Kavach uses stateless cookie-based sessions. No server-side session storage required.
1. Authentication
User signs in via adapter → adapter returns tokens
2. Cookie Storage
Session stored in httpOnly cookie (not accessible to JavaScript)
3. Request Verification
Every request validates session via SvelteKit hook
4. Token Refresh
Session endpoint refreshes tokens automatically
Setup
Add the handle hook in src/hooks.server.js:
import { kavach } from '$kavach/auth'

export const handle = kavach.handle

Session Shape
{
  user: {
    id: 'user-uuid',
    email: 'user@example.com',
    role: 'admin',
    app_metadata: {},
    ...
  },
  access_token: 'jwt-token',
  refresh_token: 'refresh-token',
  expires_in: 3600
}

Client Access
Access the session from the client side:

import { kavach } from '$kavach/auth'

// Get current session
const session = kavach.getSession()

// Check if authenticated
if (session?.user) {
  console.log('User:', session.user.email)
}

Cookie Options
{
  httpOnly: true,
  secure: true,
  sameSite: 'strict',
  maxAge: 604800 // 7 days
}

Sessions last 7 days by default.
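
To confirm that a deployment really emits the cookie options listed above, the Set-Cookie header from a sign-in response can be checked against them. The following is an added example, not Kavach's own code: the cookie name "session", the function names and the sample headers are constructed for illustration.

```javascript
// Documented defaults from the Cookie Options section of this page.
const EXPECTED = { httpOnly: true, secure: true, sameSite: 'strict', maxAge: 604800 }

// Parse one Set-Cookie header value into { name, value, attrs }.
// Attribute names are case-insensitive, so keys are lower-cased.
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(';').map((part) => part.trim())
  const eq = pair.indexOf('=')
  const attrs = {}
  for (const part of rest) {
    if (!part) continue
    const i = part.indexOf('=')
    const key = (i === -1 ? part : part.slice(0, i)).toLowerCase()
    attrs[key] = i === -1 ? true : part.slice(i + 1)
  }
  return { name: eq === -1 ? '' : pair.slice(0, eq), value: pair.slice(eq + 1), attrs }
}

// Return a list of findings; an empty list means the cookie matches the defaults.
function auditSessionCookie(header, expected = EXPECTED) {
  const { attrs } = parseSetCookie(header)
  const findings = []
  if (expected.httpOnly && !('httponly' in attrs)) findings.push('missing HttpOnly')
  if (expected.secure && !('secure' in attrs)) findings.push('missing Secure')
  const sameSite = String(attrs['samesite'] ?? '').toLowerCase()
  if (sameSite !== expected.sameSite) findings.push(`SameSite is "${sameSite || 'unset'}"`)
  const maxAge = Number(attrs['max-age'])
  if (!Number.isInteger(maxAge)) findings.push('Max-Age missing or not an integer')
  else if (maxAge > expected.maxAge) findings.push(`Max-Age ${maxAge} exceeds ${expected.maxAge}`)
  return findings
}

// Constructed sample headers; the cookie name and values are placeholders.
const samples = [
  'session=abc; Path=/; HttpOnly; Secure; SameSite=Strict; Max-Age=604800',
  'session=abc; Path=/; Secure; SameSite=Lax; Max-Age=2592000',
  'session=abc; Path=/; HttpOnly; SameSite=Strict'
]
for (const header of samples) {
  const findings = auditSessionCookie(header)
  console.log(findings.length ? `FAIL ${findings.join(', ')}` : 'OK', '<-', header)
}
```

A check like this fits in an integration test that signs in against a staging instance and fails the build when any finding is returned.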