This repository provides a comprehensive boilerplate for building scalable and maintainable REST APIs using Rust with Actix Web framework and SeaORM as the ORM layer for PostgreSQL databases.
This project serves as a solid foundation for developers looking to create RESTful web services in Rust with a clean architecture. It implements a complete user management system including CRUD operations, authentication, role-based access control, and soft delete functionality while following best practices for structuring Rust web applications.
- Complete REST API: Full implementation of user resource with CRUD operations
- JWT Authentication: Token-based authentication system
- Role-Based Access Control: Admin, User, and Guest role capabilities
- Clean Architecture: Well-organized code structure with separation of concerns
- Password Security: Secure password hashing and validation
- Error Handling: Robust error management with custom error types
- Database Integration: PostgreSQL support via SeaORM
- Logical Deletion: Soft delete implementation for users
- Configuration Management: Environment-based configuration with dotenv
- Deployment Ready: Simple deployment configuration for various platforms
- Development Tools: VSCode launch configurations for debugging
- Input Validation: Centralized validation rules for consistent data processing
rust-actix-seaorm/
โโโ .env # Environment variables
โโโ .gitignore # Git ignore file
โโโ Cargo.lock # Rust dependency lock file
โโโ Cargo.toml # Rust project configuration
โโโ .vscode/ # VSCode configuration
โ โโโ launch.json # Debugging configuration
โโโ src/ # Source code
โ โโโ main.rs # Application entry point
โ โโโ api/ # API endpoints and route handlers
โ โ โโโ mod.rs # API module exports
โ โ โโโ users.rs # User API handlers
โ โ โโโ auth.rs # Authentication handlers
โ โโโ auth/ # Authentication components
โ โ โโโ mod.rs # Auth module exports
โ โ โโโ jwt.rs # JWT token generation and validation
โ โ โโโ password.rs # Password hashing and verification
โ โโโ config/ # Configuration management
โ โ โโโ app_config.rs # Application configuration
โ โ โโโ mod.rs # Config module exports
โ โโโ db/ # Database layer
โ โ โโโ mod.rs # Database module exports
โ โ โโโ migrations/ # Database migrations
โ โ โโโ models/ # SeaORM entity models
โ โ โโโ repositories/ # Data access repositories
โ โโโ validators/ # Input validation rules
โ โ โโโ mod.rs # Validators module exports
โ โ โโโ user_validators.rs # User-specific validation rules
โ โโโ utils/ # Utility functions
โ โ โโโ mod.rs # Utils module exports
โ โ โโโ validation.rs # Shared validation helpers
โ โโโ error/ # Error handling
โ โโโ app_error.rs # Custom application error types
โ โโโ mod.rs # Error module exports
โโโ target/ # Compiled output (generated)
Contains HTTP route handlers and request/response models. This layer is responsible for:
- Parsing incoming HTTP requests
- Validating request data
- Calling appropriate domain logic
- Formatting HTTP responses
Key files include:
users.rs: Defines endpoints for user managementauth.rs: Implements authentication and JWT token management
Handles all aspects related to authentication and security:
- JWT: Token generation and verification
- Password Security: Secure password hashing and verification
- Role Management: Role-based access guards implementation
- Middleware: Middleware for protecting authenticated routes
Manages application settings loaded from environment variables:
- Database connection strings
- Server configuration
- JWT secrets
- Environment-specific settings
Contains everything related to data persistence:
- Migrations: Database schema evolution
- Models: SeaORM entity definitions that map to database tables
- Repositories: Implements data access patterns to abstract database operations
Contains reusable validation logic:
- Regular expressions: For format validation (phone numbers, passwords, etc.)
- Custom validators: Functions for complex validation rules
- Shared validation logic: Common validation patterns used across the application
The validators provide a centralized location for all validation rules, ensuring consistency across the application and making it easier to update validation logic in one place.
- Rust 1.70+ (stable)
- PostgreSQL 13+
- Docker (optional, for containerized PostgreSQL)
git clone https://github.com/gabrielrmunoz/rust-actix-seaorm.git
cd rust-actix-seaormDATABASE_URL=postgres://username:password@localhost:5432/dbname
SERVER_HOST=127.0.0.1
SERVER_PORT=8000
RUST_LOG=info
JWT_SECRET=your_secret_key_here
docker run --name postgres -e POSTGRES_PASSWORD=password -p 5432:5432 -d postgrespsql -U postgres -c "CREATE DATABASE dbname;"cargo watch -x runcargo runcargo build --releasecargo testcargo test -- --nocapture| Method | Endpoint | Description | Authentication |
|---|---|---|---|
| POST | /api/auth/login | Login and get JWT token | No |
| POST | /api/register | Register new user | No |
| Method | Endpoint | Description | Authentication | Role Required |
|---|---|---|---|---|
| GET | /api/users | Get all users | Yes | User or Admin |
| GET | /api/users/{id} | Get user by ID | Yes | User or Admin |
| PUT | /api/users/{id} | Update a user | Yes | User or Admin |
| DELETE | /api/users/{id} | Physically delete a user | Yes | Admin |
| PATCH | /api/users/{id}/soft-delete | Soft delete a user | Yes | Admin |
| PATCH | /api/users/{id}/restore | Restore a soft deleted user | Yes | Admin |
struct User {
id: i32,
username: String,
password: String, // Stored as hash, never returned in API responses
first_name: String,
last_name: String,
email: String,
phone: String,
role: String, // "admin", "user", "guest"
created_on: NaiveDateTime,
updated_on: NaiveDateTime,
deleted_on: Option<NaiveDateTime>,
}// Request
struct LoginRequest {
username: String,
password: String,
}
// Response
struct LoginResponse {
token: String,
user_id: i32,
username: String,
role: String,
}The system includes multiple validators to ensure data integrity:
// Password validation
// - 10-20 characters
// - At least one lowercase letter
// - At least one uppercase letter
// - At least one number
// - At least one special character (@$!%*?&_-)
// Phone number validation
static PHONE_REGEX: Lazy<Regex> =
Lazy::new(|| Regex::new(r"^(\+\d{1,3})?-\d{6,14}$").unwrap());
// Username validation (no spaces allowed)
fn validate_no_spaces(username: &str) -> Result<(), ValidationError> {
if username.contains(' ') {
// Return validation error
}
Ok(())
}
// Role validation
fn validate_role(role: &str) -> Result<(), ValidationError> {
if UserRole::is_valid_role(role) {
Ok(())
} else {
// Return validation error
}
}The system implements JWT token-based authentication:
- Tokens signed with a configurable secret
- Role information included in claims
- Middleware for automatic token validation
- Role-based guards for access control
Passwords are handled securely:
- Stored in database using secure hashing algorithms
- Never returned in API responses
- Robust validation to ensure strong passwords
This project follows a layered architecture pattern:
- HTTP Layer (API): Handles incoming requests and outgoing responses
- Auth Layer: Provides authentication and authorization services
- Service Layer (Domain): Contains business logic
- Data Access Layer (Repositories): Abstracts database operations
- Database Layer (SeaORM Entities): Represents database tables
- Validation Layer: Centralizes input validation rules
Major dependencies include:
- actix-web: Web framework for handling HTTP requests
- jsonwebtoken: JWT implementation for Rust
- sea-orm: Async ORM for Rust
- sqlx: SQL toolkit with compile-time checked queries
- tokio: Async runtime
- serde: Serialization/deserialization framework
- validator: Input validation framework
- dotenv: Environment variable loading
- log: Logging infrastructure
- chrono: Date and time utilities
- argon2: Secure hashing algorithm for passwords
For manual deployment, build a release binary:
cargo build --releaseThe binary will be available atย rust-actix-seaorm.
The repository includes VSCode launch configurations for debugging the application:
- Launch Server: Runs the application with debugger attached
- Run Tests: Runs tests with debugger
Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the project
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
If you have any questions or suggestions about this project, please open an issue in the repository.
This boilerplate was created to provide a solid foundation for Rust web applications with a focus on maintainability and best practices. Happy coding!