docs: Add expectAuth: true option to SvelteKit guide

[martypara]

Added the expectAuth: true option to the SvelteKit documentation, aligning it with the other guides.

The underlying @mmailaender/convex-better-auth-svelte library already supports passing this option through (I also tested it and it works great).

[erquhart]

@mmailaender good default for sveltekit?

[mmailaender]

Definitely a viable option. Setting expectAuth: true works great if the app is doing 100% authenticated requests. But if the app also has unauthenticated requests, it's more flexible to work with auth.isAuthenticated

useQuery( api.posts.getMemberOnlyPosts, () => ( auth.isAuthenticated ? {} : 'skip' ) ) // Authenticated only
useQuery( api.posts.getPublicPosts, {} ) // Unauthenticated

I'm tending towards having an extra section that explains both options as part of the Usage section:

---

Authenticated requests

There are two common ways to make authenticated Convex requests from Svelte components.

Option 1: Conditionally run queries with useQuery and auth.isAuthenticated

Use this when your app has a mix of public and members-only content.
You can read the auth state from useAuth and return "skip" for queries that should only run once the user is authenticated.

import { api } from '$convex/_generated/api';
import { useQuery } from 'convex-svelte';
import { useAuth } from '@mmailaender/convex-better-auth-svelte/svelte';

const auth = useAuth();

// Only fetch once the user is authenticated
const memberOnlyPosts = useQuery(
  api.posts.getMemberOnlyPosts,
  () => (auth.isAuthenticated ? {} : 'skip')
);

// Always fetched, regardless of auth state
const publicPosts = useQuery(api.posts.getPublicPosts, {});

Option 2: Make all requests authenticated with expectAuth

Use this when your app is essentially “members-only” and almost all data requires authentication.

By enabling expectAuth, all Convex queries and mutations created through createSvelteAuthClient will:

• automatically include the auth token, and
• not run until the user is authenticated.

Unauthenticated users won’t trigger any Convex requests until they sign in.

import { createSvelteAuthClient } from '@mmailaender/convex-better-auth-svelte/svelte';
import { authClient } from '$lib/auth-client';

createSvelteAuthClient({
  authClient,
  options: {
    expectAuth: true
  }
});

---

This section could also be applied to NextJS, etc., with only minor API adjustments.
Wdyt @erquhart ?

[erquhart]

Solid write-up (or should I say svelte 😛). Yeah this is basically the state of things across frameworks, documenting both approaches makes sense - will probably end up adding something like this for the others as well.

[mmailaender]

Great, have created a pull request: #164

Thanks, @martypara, for bringing this up. 🙌

[martypara]

Glad I was able to get this rolling @mmailaender 🙂