Add a "layout" for endpoints

[stephane-vanraes]

Describe the problem

If I currently have an endpoint that should only be available for logged in users. I can do the following:

export async function get({ locals }) {
  if (!locals.user) {
    return {
      status: 401
    }
  }
   // otherwise proceed and return the data
  return {
    status: 200,
    body: data
  }
}

This works fine, but in some cases can be a bit of a hassle, especially if there are several endpoints and this code has to be copied in all these files.

Describe the proposed solution

Similar to __layout.svelte a new file named __layout.js that runs before the actual endpoints, this allows the developer to group all these access checks in one place. With the fall through rule we already have in place it would mean the above code would be in this new file and not have to be repeated.

export async function get({ locals }) {
  if (!locals.user) {
    return {
      status: 401
    }
 }

 // No return value as we want the normal endpoints to kick in.
}

Alternatives considered

Copying the testing logic to a shared function also works,
But this is not much shorter as we still have to construct and return the return object.

Importance

would make my life easier

Additional Information

No response

[benmccann]

Can you use handle? https://kit.svelte.dev/docs#hooks-handle

You could check the path prefix if you want to apply some logic only to certain pages

[stephane-vanraes]

Yes, you could do so.

But if different routes have different rules, or even have differences between get, post, ... this can become complicated.

Having the layout.js would keep those rules closer to where they are needed and have a convenient way of differentiating between methods.

All in all, this is not a deal breaker, more of a nice to have 😄.

[jchanes04]

I agree that adding a feature like this would help to reduce the amount of repeated code and improve readability. Perhaps the name __pre.js could be used for this, as this code would run before the request is passed on to the endpoints. __layout.js doesn't make much sense, since endpoints are usually not responsible for returning HTML and this code would not "append" anything to what was returned from the endpoint like __layout.svelte does.

[maxicarlos08]

It would be also useful if __pre.js (or .ts) can pass data to the next endpoint (or change the locals).

[stephane-vanraes]

Now that we have 'shadow endpoints', I think having this opens up another possibility.

Currently a get in such endpoint would not have access to the stuff generated by a layout, making that as soon as you depend on stuff in your load function you no longer can use the shadow endpoint.

If this proposed change gets implemented, we could theoretically make it such that we can not only do an access check like in the first example, but also abstract away some common code that gets exposed to the individual endpoint similar to how stuff works for load.

[sabine]

This looks like a middleware pattern to me. Having the ability to drop in middleware for the endpoints in such a way that it applies to all endpoints in the same folder and below sounds useful.

[kevmodrome]

I think this sounds like a neat idea. I'd probably lean towards calling it something like __middleware though.

[mrkishi]

This is on the roadmap. Closing in favor of the design discussion at #4274.