Skip to main content
The @commercengine/storefront/sveltekit package provides a SvelteKit-specific wrapper around the core Storefront SDK. It gives you three accessors — publicStorefront(), serverStorefront(), and clientStorefront() — with automatic cookie-backed token management across server and client.

NPM Package

@commercengine/storefront

SvelteKit integration for Commerce Engine Storefront SDK. Import from @commercengine/storefront/sveltekit.

Installation

Quick Start

1

Set Environment Variables

Add your store credentials to .env:
.env
SvelteKit uses the PUBLIC_ prefix for client-exposed env vars (accessed via $env/static/public).
2

Create the Storefront Config

A shared config imported by both client and server storefronts:
src/lib/storefront-config.ts
3

Create the Client Storefront

src/lib/storefront.ts
4

Create the Server Storefront

Place this under $lib/server/ — SvelteKit enforces that files in this directory are never imported into client code (a build error is thrown if client code imports from it).
src/lib/server/storefront.ts
The @commercengine/storefront/sveltekit/server import must only be used in server-only files: +page.server.ts, +layout.server.ts, hooks.server.ts, and +server.ts. SvelteKit enforces this at build time.
5

Bootstrap in Root Layout

src/routes/+layout.svelte
bootstrap() is deduped and idempotent. If session cookies already exist (returning user), it is a no-op.

Accessor Rules

Use the right accessor for each context:
serverStorefront() requires passing cookies (from event.cookies or destructured from the load/action context) because SvelteKit has no global request context. This call is synchronous — no await needed. clientStorefront() throws if called on the server.

Key Patterns

Public Reads (Universal Load)

For public catalog data that doesn’t need a session, use publicStorefront() in universal load functions. These run on both server and client:
src/routes/+page.ts

Session-Aware Server Load

src/routes/account/+page.server.ts

Layout Server Load

src/routes/+layout.server.ts

Form Actions (Mutations)

SvelteKit form actions can read and write cookies, making them ideal for cart and auth mutations:
src/routes/cart/+page.server.ts

API Routes

src/routes/api/wishlist/+server.ts

Server Hooks

Use hooks for auth guards and injecting session data into event.locals:
src/hooks.server.ts
To make event.locals.userId type-safe, declare it in app.d.ts:
src/app.d.ts

Client-Side Fetching (After Hydration)

In Svelte components, use the client accessors directly:
Session-bound operations (cart, wishlist, account):

Static Prerendering

For prerendered pages, use publicStorefront() in a universal load function:
src/routes/products/[slug]/+page.ts
publicStorefront() never creates sessions, never reads/writes cookies, and is safe for prerender and build-time contexts.

Hosted Checkout + SvelteKit

If you use Commerce Engine Hosted Checkout, follow this pattern to keep the storefront SDK session and checkout session in sync.
1

Add onTokensUpdated to Storefront Config

This callback forwards token updates from the storefront SDK to the checkout iframe.
src/lib/storefront-config.ts
2

Bootstrap + Init Checkout in Root Layout

Call both storefront.bootstrap() and initCheckout() in the root layout. The checkout is initialized with authMode: "provided" so the storefront SDK owns the session.
src/routes/+layout.svelte
Install @commercengine/checkout separately if you use hosted checkout. The authMode: "provided" setting tells checkout to use your storefront SDK tokens instead of managing its own.
3

Use Checkout in Components

Then use the checkout store in any Svelte component — no provider needed:
src/components/CartButton.svelte

Common Pitfalls

Best Practices

Shared Config

Export storefrontConfig from storefront-config.ts and import it in both client and server storefront modules. Keep configuration in one place.

Server Boundaries

Place server storefront in $lib/server/ — SvelteKit enforces this boundary at build time with a compile error if client code imports from it.

Universal vs Server Load

Use universal +page.ts with publicStorefront() for public catalog reads. Use +page.server.ts with serverStorefront(cookies) only when you need session data.

Form Actions for Mutations

Auth, cart updates, and order creation should go through form actions using serverStorefront(cookies) so cookies are read and written correctly.

Cross-References

SDK Installation

Core SDK setup and framework detection guide.

Token Management

Full token lifecycle, cookie hydration, and returning-user flow.

Authentication Guide

OTP, email, and social login patterns for storefronts.

Hosted Checkout (Svelte)

Svelte integration for Commerce Engine Checkout.