Consider a Svelte component that fetches user data from an API using a stored JWT token. The token is expired. What will be the component's behavior?
import { onMount } from 'svelte'; let userData = null; let error = null; const token = 'expired.jwt.token'; onMount(async () => { try { const res = await fetch('https://api.example.com/user', { headers: { 'Authorization': `Bearer ${token}` } }); if (!res.ok) throw new Error('Unauthorized'); userData = await res.json(); } catch (e) { error = e.message; } });
Think about what happens when the API rejects the request due to expired token.
The API returns a 401 Unauthorized status for expired tokens. The fetch call detects this and throws an error, which is caught and sets the error message. The userData remains null because no data is returned.
Choose the correct way to add a Bearer token to the fetch request headers in a Svelte component.
Remember how to use template literals to insert variables inside strings.
Option C uses backticks and ${token} to correctly insert the token variable inside the string 'Bearer ...'. Option C concatenates strings but is less modern. Options B and D have syntax errors or wrong order.
Given a Svelte component that refreshes an expired token and updates authentication state, what is the final value of isAuthenticated?
import { onMount } from 'svelte'; import { writable } from 'svelte/store'; const isAuthenticated = writable(false); let token = 'expired.jwt.token'; async function refreshToken() { const res = await fetch('https://api.example.com/refresh', { method: 'POST', headers: { 'Authorization': `Bearer ${token}` } }); if (res.ok) { const data = await res.json(); token = data.token; isAuthenticated.set(true); } else { isAuthenticated.set(false); } } onMount(async () => { await refreshToken(); });
If the refresh API call succeeds, what does the code do to isAuthenticated?
The refreshToken function sets isAuthenticated to true if the refresh API call succeeds (res.ok). Since the token is replaced and state updated, the final value is true.
Identify the reason why the Authorization header is missing in the fetch request below.
let token = 'abc123'; async function getData() { const response = await fetch('https://api.example.com/data', { headers: { Authorization: `Bearer ${token}` } }); return await response.json(); } getData();
Check how the token variable is used inside the string.
The code uses the literal string 'Bearer token' instead of inserting the token variable's value. It should be `Bearer ${token}` or 'Bearer ' + token to include the actual token.
Choose the best API authentication pattern for a Svelte app that must securely access APIs and handle token expiration by refreshing tokens automatically.
Consider security and user experience for token storage and refresh.
Option A is best because storing JWT in localStorage allows easy access for fetch calls, and refreshing tokens automatically on 401 errors improves user experience. Option A is insecure without HttpOnly. Option A loses token on reload. Option A is insecure and inefficient.