kristoferssolo/Axium
1
0
Fork 0
mirror of https://github.com/kristoferssolo/Axium.git synced 2025-10-21 16:00:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source 
Fixed some grammatical errors, made it look better.
This commit is contained in:
Rik 2025-01-30 23:03:02 +01:00 committed by GitHub
parent e20f21bc8b
commit 3c92ad7f13
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 75 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

112
README.md
View File

@ -1,12 +1,15 @@
```markdown
# 🦀 RustAPI # 🦀 RustAPI
**An example API built with Rust, Axum, SQLx, and PostgreSQL** **An example API built with Rust, Axum, SQLx, and PostgreSQL**
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT) [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
## 🚀 Core Features ## 🚀 Core Features
- **Rust API Template** - Production-ready starter template with modern practices - **Rust API template** - Production-ready starter template with modern practices,
- **PostgreSQL Integration** - Full database support with SQLx migrations - **PostgreSQL integration** - Full database support with SQLx migrations,
- **Comprehensive Health Monitoring** - **Easy to secure** - HTTP/2 with secure TLS defaults (AWS-LC, FIPS 140-3),
- **Easy to configure** - `.env` and environment variables,
- **JWT authentication** - Secure token-based auth with Argon2 password hashing,
- **Optimized for performance** - Brotli compression,
- **Comprehensive health monitoring**
Docker-compatible endpoint with system metrics: Docker-compatible endpoint with system metrics:
```json ```json
{ {
@ -19,15 +22,14 @@
"status": "degraded" "status": "degraded"
} }
``` ```
- **JWT Authentication** - Secure token-based auth with Argon2 password hashing - **Granular access control** - Role-based endpoint protection:
- **Granular Access Control** - Role-based endpoint protection:
```rust ```rust
.route("/", post(post_todo).layer(axum::middleware::from_fn(|req, next| { .route("/", post(post_todo).layer(axum::middleware::from_fn(|req, next| {
let allowed_roles = vec![1, 2]; let allowed_roles = vec![1, 2];
authorize(req, next, allowed_roles) authorize(req, next, allowed_roles)
}))) })))
``` ```
- **User Context Injection** - Automatic user profile handling in endpoints: - **User context injection** - Automatic user profile handling in endpoints:
```rust ```rust
pub async fn post_todo( pub async fn post_todo(
Extension(user): Extension<User>, // Injected user Extension(user): Extension<User>, // Injected user
@ -39,12 +41,67 @@
})))); }))));
} }
``` ```
- **Modern protocols ** - HTTP/2 with secure TLS defaults - **Observability** - Integrated tracing,
- **Observability** - Integrated tracing - **Documented codebase** - Extensive inline comments for easy modification and readability,
- **Optimized for performance** - Brotli compression - **Latest dependencies** - Regularly updated Rust ecosystem crates,
- **Easy configuration** - `.env` and environment variables
- **Documented codebase** - Extensive inline comments for easy modification and readability ## 🛠️ Technology stack
- **Latest dependencies** - Regularly updated Rust ecosystem crates | Category | Key Technologies |
|-----------------------|---------------------------------|
| Web Framework | Axum 0.8 + Tower |
| Database | PostgreSQL + SQLx 0.8 |
| Security | JWT + Argon2 + Rustls |
| Monitoring | Tracing + Sysinfo |
## 📂 Project structure
```
rustapi/
├── migrations/ # SQL schema migrations. Creates the required tables and inserts demo data.
├── src/
│ ├── core/ # Core modules: for reading configuration files, starting the server and configuring HTTPS/
│ ├── database/ # Database connectivity, getters and setters for the database.
│ ├── middlewares/ # Currently just the authentication system.
│ ├── models/ # Data structures
│ └── routes/ # API endpoints
│ └── mod.rs # API endpoint router.
│ └── .env # Configuration file.
└── Dockerfile # Builds a docker container for the application.
└── compose.yaml # Docker-compose.yaml. Runs container for the application (also includes a PostgreSQL-container).
```
## 🌐 Default API endpoints
| Method | Endpoint | Auth Required | Allowed Roles | Description |
|--------|------------------------|---------------|---------------|--------------------------------------|
| POST | `/signin` | No | None | Authenticate user and get JWT token |
| GET | `/protected` | Yes | 1, 2 | Test endpoint for authenticated users |
| GET | `/health` | No | None | System health check with metrics |
| | | | | |
| **User routes** | | | | |
| GET | `/users/all` | No* | None | Get all users |
| GET | `/users/{id}` | No* | None | Get user by ID |
| POST | `/users/` | No* | None | Create new user |
| | | | | |
| **Todo routes** | | | | |
| GET | `/todos/all` | No* | None | Get all todos |
| POST | `/todos/` | Yes | 1, 2 | Create new todo |
| GET | `/todos/{id}` | No* | None | Get todo by ID |
**Key:**
🔒 = Requires JWT in `Authorization: Bearer <token>` header
\* Currently unprotected - recommend adding authentication for production
**Roles:** 1 = User, 2 = Administrator
**Security notes:**
- All POST endpoints expect JSON payloads
- User creation endpoint should be protected in production
- Consider adding rate limiting to authentication endpoints
**Notes:**
- 🔒 = Requires JWT in `Authorization: Bearer <token>` header
- Roles: `1` = Regular User, `2` = Administrator
- *Marked endpoints currently unprotected - recommend adding middleware for production use
- All POST endpoints expect JSON payloads
## 📦 Installation & Usage ## 📦 Installation & Usage
```bash ```bash
@ -59,7 +116,7 @@ sqlx database create && sqlx migrate run
cargo run --release cargo run --release
``` ```
### 🔐 Default Accounts ### 🔐 Default accounts
**Warning:** These accounts should only be used for initial testing. Always change or disable them in production environments. **Warning:** These accounts should only be used for initial testing. Always change or disable them in production environments.
@ -68,13 +125,15 @@ cargo run --release
| `user@test.com` | `test` | User | | `user@test.com` | `test` | User |
| `admin@test.com` | `test` | Administrator | | `admin@test.com` | `test` | Administrator |
⚠️ **Security Recommendations:** ⚠️ **Security recommendations:**
1. Rotate passwords immediately after initial setup 1. Rotate passwords immediately after initial setup
2. Disable default accounts before deploying to production 2. Disable default accounts before deploying to production
3. Implement proper user management endpoints 3. Implement proper user management endpoints
## ⚙️ Configuration ### ⚙️ Configuration
Create a .env file in the root of the project or configure the application using environment variables.
```env ```env
# ============================== # ==============================
# 📌 DATABASE CONFIGURATION # 📌 DATABASE CONFIGURATION
@ -145,24 +204,3 @@ SERVER_COMPRESSION_LEVEL=6
# Argon2 salt for password hashing (must be kept secret!) # Argon2 salt for password hashing (must be kept secret!)
AUTHENTICATION_ARGON2_SALT="dMjQgtSmoQIH3Imi" AUTHENTICATION_ARGON2_SALT="dMjQgtSmoQIH3Imi"
``` ```
## 📂 Project Structure
```
rustapi/
├── migrations/ # SQL schema versions
├── src/
│ ├── core/ # Config, TLS, server setup
│ ├── database/ # Query handling
│ ├── middlewares/ # Auth system
│ ├── models/ # Data structures
│ └── routes/ # API endpoints
└── Dockerfile # Containerization
```
## 🛠️ Technology Stack
| Category | Key Technologies |
|-----------------------|---------------------------------|
| Web Framework | Axum 0.8 + Tower |
| Database | PostgreSQL + SQLx 0.8 |
| Security | JWT + Argon2 + Rustls |
| Monitoring | Tracing + Sysinfo |