Skip to content

Latest commit

 

History

History
210 lines (120 loc) · 4.73 KB

README.md

File metadata and controls

210 lines (120 loc) · 4.73 KB

Rust Web-Applicationserver with Rocket

Self-contained System.

Basic pre-configured Rust Webserver with Rocket, CORS, CSRF, Fileserver for Tera-Templates and static assets.

Status

ops

dev Still under development

Features

  • Rust programming language

  • Rocket webframework

  • Self-contained System with Web-based Userinterface

  • CORS

  • CSRF (Argon2)

  • Rocket Fileserver with automatic static asset support

  • template-based UI with Tera, JS and CSS support

  • responsive web design with CSS3 (mobile first)

  • i18n UI frontend support with JSON (Browser auto-detection and switchable)

  • dark-/light-mode switchable

  • remote shutdown (shutdown API)

  • logfiles with typical log-levels

  • configured error-handling (400, 404, 422, 500)

  • display current application-log

  • configure CSRF fairing for put/delete/post

  • tbd.

HISTORY:

Version Date Developer Comments
0.1.0 2023-12-16 RZheng created
0.1.1 2024-01-07 RZheng added: user/loginform

Authors

License

MIT License

API Reference

Landing Page

loads the landing page with some explanations

  GET /

Returns: HTML page (template)

user/login

load login-form

  GET /user/login
Parameter Type Description
none html loads login-form

Returns: HTML page (template)

assets/static content

Fileserver provides static assets

  GET /assets/<index.html>
Parameter Type Description
none mime-type loads static asset

Returns: static asset, auto-detection of mime-type

shutdown Rocket webserver

gracefull shutdown the rocket webserver

not yet secured, accessable for everyone

  GET /shutdown
Parameter Type Description
none GET system shutdown

Returns: Shuting down the application.

Setup

Environment Variables

To run this project, you will need to add the following environment variables to your .env file (see example: env_example)

DATABASE_URL="postgres://username:password@dbhost:port/database"

For production, you need to configure Rocket secret_key or disable it in your Rocket.toml

Database

not implemented within this template

Logfile

stored in <appfolder>/logs/application.log

no log rotation implemented

default logging mode: normal

run

cargo run

build release

cargo build --release

Security

the following CORS are defined (in main.rs):

response.set*header(Header::new("Access-Control-Allow-Origin", "*"));
response.set*header(Header::new("Access-Control-Allow-Methods", "POST, GET, PATCH, OPTIONS", ));
response.set_header(Header::new("Access-Control-Allow-Headers", "*"));
response.set_header(Header::new("Access-Control-Allow-Credentials", "true"));

response.set_header(Header::new("Strict-Transport-Security", "max-age=63072000"));

please be aware of "Strict-Transport-Security"

The CSRF token is build with Argon2

Screenshots

Startpage

Example with english language (Example comes with EN and DE).

Header area with left hand brand icon and brand title

Header area with right hand navigation icons (toggle Language, toggle mode, login)

Startpage

Example with german language (Example comes with EN and DE).

dark mode / light mode

user/loginform

Fileserver/static assets

the end

🖖

(back to top)