A repo for testing different approaches to Rust web service development with a focus on best practices
- Keyset pagination
- Token bucket rate limiter
- Auth0 JWK caching
- Auth0 JWT validation
- Graceful shutdown on SIGINT and SIGTERM
- RBAC route permissions

Migrations require the SQLx CLI.

User registration and login go through Auth0. Users receive a JWT from Auth0 and send it as a bearer token in the request header.

Auth0 manages roles and permissions for users. Each API route is associated with a permission, and permissions are grouped into higher-level roles.

| Name | Endpoint |
|---|---|
| List Accounts | GET /v1/accounts |
| Retrieve Account | GET /v1/accounts/:id |
| Create Account | POST /v1/accounts |
| Delete Account | DELETE /v1/accounts/:id |
| List Account Users | GET /v1/accounts/:id/users |

| Name | Endpoint |
|---|---|
| List Users | GET /v1/users |
| Retrieve User | GET /v1/users/:id |
| Create User | POST /v1/users |
| Delete User | DELETE /v1/users/:id |
| List User Accounts | GET /v1/users/:id/accounts |

| Name | Endpoint |
|---|---|
| Receive Webhook | POST /v1/stripe/webhooks |

| Name | Endpoint |
|---|---|
| HTTP Healthcheck | GET /health |
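
The route-to-permission association described above, sketched as an added example (not code from this repo) for the account and user routes only. The permission names are hypothetical, and `granted` is assumed to be the `permissions` array taken from an access token that has already passed JWT validation; routes with no mapping are denied.

```rust
// Added example: deny-by-default permission check for the account and user routes.
// Permission names are hypothetical; the README does not list the real ones.

/// (method, route pattern, required permission). ":id" matches one path segment.
const ROUTES: &[(&str, &str, &str)] = &[
    ("GET", "/v1/accounts", "read:accounts"),
    ("GET", "/v1/accounts/:id", "read:accounts"),
    ("POST", "/v1/accounts", "create:accounts"),
    ("DELETE", "/v1/accounts/:id", "delete:accounts"),
    ("GET", "/v1/accounts/:id/users", "read:account_users"),
    ("GET", "/v1/users", "read:users"),
    ("GET", "/v1/users/:id", "read:users"),
    ("POST", "/v1/users", "create:users"),
    ("DELETE", "/v1/users/:id", "delete:users"),
    ("GET", "/v1/users/:id/accounts", "read:user_accounts"),
];

/// True when `path` has the same segments as `pattern`; a ":name" segment in the
/// pattern matches exactly one non-empty path segment.
fn matches(pattern: &str, path: &str) -> bool {
    let (mut p, mut s) = (pattern.split('/'), path.split('/'));
    loop {
        match (p.next(), s.next()) {
            (None, None) => return true,
            (Some(a), Some(b)) if a == b || (a.starts_with(':') && !b.is_empty()) => {}
            _ => return false, // different length or a literal segment differs
        }
    }
}

/// Permission required for a request, or None when the route is not mapped.
pub fn required_permission(method: &str, path: &str) -> Option<&'static str> {
    ROUTES.iter()
        .find(|(m, pat, _)| *m == method && matches(pat, path))
        .map(|(_, _, perm)| *perm)
}

/// Allow only when the route is mapped and the token carries its permission.
pub fn authorize(method: &str, path: &str, granted: &[&str]) -> bool {
    required_permission(method, path).map_or(false, |needed| granted.contains(&needed))
}

fn main() {
    let token_permissions = ["read:accounts", "read:users"]; // constructed sample claim
    assert!(authorize("GET", "/v1/accounts/42", &token_permissions));
    assert!(!authorize("DELETE", "/v1/accounts/42", &token_permissions));
}
```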