Backend API built with actix-web and SeaORM, focused on credential handling, JWT authentication, and a clean modular layout.
- Features
- Tech stack
- Requirements
- Configuration
- Development setup
- Docker
- API endpoints
- Project structure
- Testing
- License
- Handlers for registration, login, logout, a home index (`/`), and a secured profile endpoint (`/me`).
- JWT encode/decode helpers that can plug into middleware (and a token blacklist for logout).
- Credential storage currently keeps passwords as provided (no hashing helpers).
- Clean layering: handlers call services -> services call SeaORM -> utils provide token helpers.
- Web framework: `actix-web` 4.x
- ORM: `SeaORM` with PostgreSQL
- Hashing: disabled (passwords stored as provided)
- Tokens: `jsonwebtoken` with the `rust_crypto` feature
- Env: `dotenvy` for reading `.env`
- Rust (1.71+) toolchain
- PostgreSQL database reachable via `DATABASE_URL`
- `cargo` installed via the Rust toolchain
Copy `.env.example` to `.env` and define:
- `DATABASE_URL` -> database connection string
- `JWT_SECRET` -> secret used to sign JWTs
- `BIND_ADDRESS` (optional) -> defaults to `127.0.0.1:8080`
- Run `cargo install sqlx-cli --no-default-features --features postgres` only if you need SQLx migrations.
- Start the backend with `cargo run`.
- Use curl/Postman to exercise the HTTP endpoints listed below.
- Launch the stack with `docker compose up --build`.
- Compose starts Postgres plus the API; Postgres listens on `localhost:5432` and the server on `localhost:8080`.
- `.env` supplies `JWT_SECRET`/`BIND_ADDRESS` while Compose overrides `DATABASE_URL` for the `db` service.

Shut down with `docker compose down`; the named volume `db-data` preserves Postgres data.
- `GET /` -> home/index welcome message.
- `POST /auth/register` -> create a new user (returns token + filtered user data).
- `POST /auth/login` -> authenticate and receive a JWT.
- `POST /auth/logout` -> revoke the current bearer token (requires `Authorization: Bearer <token>`).
- `GET /me` -> read profile info (requires valid, non-revoked bearer token).
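The revocation check behind `POST /auth/logout` and `GET /me`, as an added example that is not code from this repository. `RevokedTokens`, `bearer_token` and `authorize` are hypothetical names, only the standard library is used, and JWT signature and expiry verification are assumed to happen in the project's own decode helper.

```rust
use std::collections::HashMap;

/// Hypothetical revocation store (not the project's `state.rs`): maps a revoked
/// token to its `exp` claim (Unix seconds) so expired entries can be dropped.
#[derive(Default)]
pub struct RevokedTokens {
    by_token: HashMap<String, u64>,
}

impl RevokedTokens {
    /// Called at logout with the `exp` taken from the already-verified claims.
    pub fn revoke(&mut self, token: &str, exp: u64) {
        self.by_token.insert(token.to_owned(), exp);
    }
    /// Forget tokens that decode would now reject as expired; bounds memory use.
    pub fn prune(&mut self, now: u64) {
        self.by_token.retain(|_, exp| *exp > now);
    }
    pub fn is_revoked(&self, token: &str) -> bool {
        self.by_token.contains_key(token)
    }
}

/// Pull the token out of an `Authorization` header value. The scheme is matched
/// case-insensitively; empty tokens and tokens containing spaces are rejected.
pub fn bearer_token(header: &str) -> Option<&str> {
    let (scheme, rest) = header.trim().split_once(' ')?;
    let token = rest.trim();
    let ok = scheme.eq_ignore_ascii_case("Bearer") && !token.is_empty() && !token.contains(' ');
    ok.then_some(token)
}

/// Revocation gate for a protected route. The caller must still verify the
/// signature and `exp` of the returned token before trusting its claims.
pub fn authorize<'a>(header: &'a str, revoked: &RevokedTokens) -> Result<&'a str, &'static str> {
    let token = bearer_token(header).ok_or("missing or malformed bearer token")?;
    if revoked.is_revoked(token) {
        return Err("token revoked");
    }
    Ok(token)
}

fn main() {
    let mut revoked = RevokedTokens::default();
    revoked.revoke("tok.constructed.A", 1_000); // constructed sample token, exp = 1000
    println!("{:?}", authorize("Bearer tok.constructed.A", &revoked)); // Err("token revoked")
    println!("{:?}", authorize("Bearer tok.constructed.B", &revoked)); // Ok("tok.constructed.B")
    revoked.prune(1_001); // token A has expired, so its entry is dropped
    println!("{}", revoked.is_revoked("tok.constructed.A")); // false
}
```

Pruning is only safe because an expired token is rejected at decode time; an in-memory set like this is also lost on restart, so tokens revoked before a restart become usable again until they expire.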
my_actix_app/
├── .cargo/
│ └── config.toml # Cargo workspace settings (optional)
├── .idea/
│ └── workspace.xml # JetBrains project metadata (ignore in CI)
├── migration/
│ └── *.sql # database schema changes
├── src/
│ ├── db/
│ │ └── connection.rs # Postgres connection helper
│ ├── handlers/
│ │ ├── auth_handler.rs # login/register/logout controllers
│ │ └── user_handler.rs # `/` home and `/me` profile
│ ├── middleware/
│ │ └── auth_middleware.rs # JWT helper storing claims into request extensions
│ ├── models/
│ │ └── user.rs # SeaORM user entity
│ ├── routes/
│ │ └── user_routes.rs # central router wiring handlers
│ ├── services/
│ │ └── user_service.rs # DB logic for finding/creating users
│ ├── utils/
│ │ ├── auth_utils.rs # Argon2 hash/verify helpers
│ │ └── jwt.rs # encode/decode helpers plus claims
│ ├── config.rs # AppConfig loader
│ ├── main.rs # wires AppConfig, AppState, DB connection, and routes
│ └── state.rs # shared AppState (DB, config, revoked tokens)
├── target/
│ └── debug/ # compiled artifacts
├── .dockerignore # excludes generated files from Docker contexts
├── .env # local configuration overrides loaded at runtime
├── .env.example # template for required env variables
├── .gitignore # files excluded from version control
├── Cargo.lock # locked dependency graph for reproducible builds
├── Cargo.toml # dependency manifest
├── docker-compose.yml # Postgres + backend stack
├── Dockerfile # multi-stage build for the server
├── LICENSE
└── README.md # this documentation
`cargo test`

This command simply builds the binary since no dedicated unit tests exist yet.
Licensed under the terms described in the LICENSE file.