A REST API written in Rust with JWT
The goal is to perform CRUD operations on succinct data provided by the user: names and birthdates of family members. The API is intended to serve a front end that adds up the ages to find the cumulative age of the crowd.
This work was made possible by:
It looks like so:
The nice thing with Diesel is that we write SQL that is then translated into Rust, not the other way around.
On users:
And for persons:
A user has access only to the data she created.
The JSON Web Token (JWT) standard allows for stateless user session management thanks to its clever one-sided encryption scheme. The downside is: one does not simply log out with JWT. The client will have to make sure the JWT is deleted. In case of emergency, the nuclear option will be to request the deletion of the user and all the associated data. The authentication middleware checks for the user's existence before verifying the token.
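The check order described above, as an added example written in Python with the standard library only; it is not the project's Rust code. It assumes HS256 tokens, and `SECRET`, `USERS`, `issue` and `authenticate` are hypothetical names. It shows why deleting the user is the only server-side revocation: the token itself stays cryptographically valid.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: HS256 with a server-side key
USERS = {"alice", "bob"}             # constructed stand-in for the users table

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str) -> bytes:
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue(user: str, ttl: int = 3600) -> str:
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = b64url(json.dumps({"sub": user, "exp": int(time.time()) + ttl}).encode())
    return f"{header}.{claims}.{b64url(sign(header + '.' + claims))}"

def authenticate(token: str) -> str:
    """Return the authenticated user name or raise PermissionError."""
    try:
        header, claims, sig = token.split(".")
        alg = json.loads(b64url_decode(header)).get("alg")
        payload = json.loads(b64url_decode(claims))
        given = b64url_decode(sig)
    except (ValueError, AttributeError):
        raise PermissionError("malformed token") from None
    if alg != "HS256" or not isinstance(payload, dict):
        raise PermissionError("malformed token")  # pin the algorithm, never trust the header
    sub, exp = payload.get("sub"), payload.get("exp")
    if not isinstance(sub, str):
        raise PermissionError("malformed token")
    # 1. Existence check first, in the order the page describes. The subject is
    #    still unverified here, so it is used only as a lookup key.
    if sub not in USERS:
        raise PermissionError("unknown user")
    # 2. Signature over header.claims, compared in constant time.
    if not hmac.compare_digest(sign(f"{header}.{claims}"), given):
        raise PermissionError("bad signature")
    # 3. Expiry is the only other bound on a stateless token's lifetime.
    if not isinstance(exp, int) or exp < time.time():
        raise PermissionError("token expired")
    return sub
```

A short `exp` limits how long a token that the client failed to delete remains usable, since nothing else expires it while the user still exists.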
It is a good thing apparently, so documenting the API's behaviour with it won't hurt.
Accessible on the /documentation endpoint:
curl $URL:$PORT/documentation
.env file
cargo run
.apicontract.json in Postman and you're good to play around. Better instructions will follow in further commits.