Go + SvelteKit Starter

Production-ready monorepo starter with Google OAuth, JWT authentication, and waitlist functionality.

Tech Stack

• Backend: Go 1.22+, Chi router, PostgreSQL, sqlc
• Frontend: SvelteKit 2, Svelte 5, Tailwind CSS 4
• Auth: Google OAuth, JWT tokens, secure cookies
• Deploy: Railway (API), Cloudflare Workers (Web)

Project Structure

├── apps/
│   ├── api/                 # Go backend
│   │   ├── cmd/api/         # Entry point
│   │   ├── internal/
│   │   │   ├── config/      # Environment config
│   │   │   ├── database/    # DB connection + sqlc
│   │   │   ├── domain/      # Business entities
│   │   │   ├── handler/     # HTTP handlers
│   │   │   ├── middleware/  # Auth, logging
│   │   │   ├── repository/  # Data access
│   │   │   ├── server/      # Router setup
│   │   │   └── service/     # Business logic
│   │   └── db/
│   │       ├── migrations/  # Goose migrations
│   │       └── queries/     # sqlc queries
│   │
│   └── web/                 # SvelteKit frontend
│       └── src/
│           ├── lib/
│           │   ├── api/     # API client
│           │   └── types/   # TypeScript types
│           └── routes/
│               ├── app/     # Protected routes
│               ├── login/   # Auth pages
│               └── waitlist/

Quick Start

Prerequisites

• Go 1.22+
• Node.js 20+ and pnpm
• PostgreSQL 15+
• Google OAuth credentials (console.cloud.google.com)

1. Clone and Setup

git clone https://github.com/yourusername/go-svelte-starter.git my-app
cd my-app

2. Database Setup

# Create database
createdb starter_dev

# Run migrations
cd apps/api
go install github.com/pressly/goose/v3/cmd/goose@latest
goose -dir db/migrations postgres "postgresql://localhost:5432/starter_dev" up

3. Environment Variables

# Backend
cp apps/api/.env.example apps/api/.env
# Edit apps/api/.env with your values

# Frontend
cp apps/web/.env.example apps/web/.env

4. Start Development

# Terminal 1: Backend
cd apps/api
go run cmd/api/main.go

# Terminal 2: Frontend
cd apps/web
pnpm install
pnpm dev

Visit http://localhost:5173

Features

Authentication

• Google OAuth with secure state parameter
• JWT tokens with 7-day expiry and sliding refresh
• Secure cookies (HttpOnly, Secure, SameSite=Lax)
• Rate limiting on auth endpoints

API Pattern

Frontend uses a proxy pattern - all API calls go through SvelteKit:

// In load functions
export const load = async ({ fetch }) => {
  const api = createApi(fetch);
  const { data: user } = await api.get<User>('/auth/me');
  return { user };
};

Protected Routes

Routes under /app/* require authentication:

// routes/app/+layout.server.ts
export const load = async ({ parent }) => {
  const { user } = await parent();
  if (!user) redirect(303, '/login');
  return { user };
};

Adding New Features

1. Database Schema

# Create migration
cd apps/api
goose -dir db/migrations create add_posts_table sql

2. SQL Queries

-- db/queries/posts.sql
-- name: GetPosts :many
SELECT * FROM posts WHERE user_id = $1;

# Generate Go code
sqlc generate

3. Add Domain/Repository/Service/Handler

Follow the existing patterns in internal/.

4. Frontend Types

Add types in apps/web/src/lib/types/.

Deployment

Backend (Railway)

1. Connect GitHub repo
2. Set environment variables
3. Deploy

Frontend (Cloudflare)

cd apps/web
pnpm build
npx wrangler pages deploy .svelte-kit/cloudflare

License

MIT