In this repository, you can find backend Rust rocket mongodb rest-api boilerplate with token authorization.
#[get("/public/hello")]
pub async fn hello_world() -> Json<&'static str> {
Json("Hello world")
}
Visiting localhost:8000/api/v1/public/hello
, for example, will trigger the hello
route resulting in the string Hello world
being sent to the
browser. In this example there is no authorization.
- First you need to download this repository to your computer
- Write this in your terminal:
git clone https://github.com/martyr00/Rust-rocket-mongoDB-token-auth-REST-API-boilerplate.git
- After open the project in your IDE
- You need to make your private.rs file as in the private.sample.rs:
pub const JWT_SECRET: &[u8] = b"<YOUR_JWT_SECRET_KEY>";
pub const REFRESH_JWT_SECRET: &'static str = b"<YOUR_REFRESH_JWT_SECRET_KEY>";
pub(crate) const URL_DB: &str = "mongodb+srv://<YOUR_LOGIN>:<YOUR_PASSWORD>@cluster0.d5yn0.mongodb.net/<YOUR_DB_NAME>";
JWT_SECRET
andREFRESH_JWT_SECRET
you need to come up with your own secret word to encrypt the tokens- For
URL_DB
you need registration your mongoDB acc here https://cloud.mongodb.com/
- To run write this in your terminal:
cargo check && cargo run
- /api/v1/registration (POST)
- /api/v1/login (POST)
- /api/v1/refresh (POST)
- /api/v1/public/hello (GET)
- /api/v1/hello (GET)
- /api/v1/public/user (DELETE, PATCH)
login
(must be unique && len login must be from 3 to 200 letter)password
(len password must be from 8 to 200 letter and password is hashed before being saved to the database.)mail
(must be unique and mail)first_name
(len must be from 2 to 150 letter and this field is optional)last_name
(len must be from 2 to 200 letter and this field is optional)
pub struct RegistrationRequest {
pub login: String,
pub password: String,
pub mail: String,
pub first_name: String,
pub last_name: String,
}
{
"login": "test",
"password": "12345678",
"mail": "[email protected]",
"first_name": "Test",
"last_name": ""
}
In response, the server will send 2 JWT tokens.
The token
is valid for 1 hour. Refresh token
is valid for 7 days.
token
is needed to verify user authorization.
With each private request, the token
will be sent fronted to
the headers in the authorization field.
More about jwt authentication https://blog.logrocket.com/jwt-authentication-in-rust/
pub struct Token {
pub token: String,
pub refresh_token: String,
}
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoiNjJiNGRhOTk4ZjgyMzc2YTk1MzM1MWIxIiwiZXhwIjoxNjU2MDIzMjA5fQ.aJFDZVyMBuNYh5EAArYYfzYCTnHHCQ7IHuZpKNCXHs0",
"refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoiNjJiNGRhOTk4ZjgyMzc2YTk1MzM1MWIxIiwiZXhwIjoxNjU4NjExNjA5fQ.2_DjxtQxtsLsprvhBfYU8rKAoDfWMdshoPKDUqq6QZQ"
}
bad login
-> Status 400 and string "Bad login" in jsonalready registered login
-> Status 400 and string "Already registered by login" in jsonbad password
-> Status 400 and string "Bad password" in jsonalready registered password
-> Status 400 and string "Already registered by password" in jsonbad mail
-> Status 400 and string "Bad mail" in jsonalready registered mail
-> Status 400 and string "Already registered by mail" in json
Status 400 Bad Request
{
"cause": "Already registered by login"
}
login
(The server checks 2 logins from the database and the request)password
(The server checks the encrypted password in the database with the password from the request)
pub struct LoginRequest {
pub login: String,
pub password: String,
}
{
"login": "test",
"password": "12345678"
}
pub struct Token {
pub token: String,
pub refresh_token: String,
}
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoiNjJhM2I3Zjg4MTE1OWVkYWJmNTcwZjYwIiwiZXhwIjoxNjU2MDI0MDM1fQ.5Nu0lbN5X656JhuY8PrK1IJhWFVjHxKbh8CssKqHQqk",
"refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoiNjJhM2I3Zjg4MTE1OWVkYWJmNTcwZjYwIiwiZXhwIjoxNjU4NjEyNDM1fQ.5OUiED1no-uizfYmq1xk6Z6XpX9TsbezDx8QxPSbyV0"
}
Bad request
(In any case)
Status 400
{
"cause": "Wrong request"
}
In this route, the frontend asks the server to
refresh the token
with a refresh token
in json
refresh token
(specific user)
pub struct RefreshToken {
pub(crate) refresh_token: String,
}
{
"refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoiNjJhM2I3Zjg4MTE1OWVkYWJmNTcwZjYwIiwiZXhwIjoxNjU3NDg5NDcyfQ.BcTanbs5lyT-Yv2ekf5-xl_NzEqpKsh5S59AEuZrmVQ"
}
pub struct Token {
pub token: String,
pub refresh_token: String,
}
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoiNjJhM2I3Zjg4MTE1OWVkYWJmNTcwZjYwIiwiZXhwIjoxNjU2MDI0MDM1fQ.5Nu0lbN5X656JhuY8PrK1IJhWFVjHxKbh8CssKqHQqk",
"refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoiNjJhM2I3Zjg4MTE1OWVkYWJmNTcwZjYwIiwiZXhwIjoxNjU4NjEyNDM1fQ.5OUiED1no-uizfYmq1xk6Z6XpX9TsbezDx8QxPSbyV0"
}
Unauthorized
Status 400
{
"cause": "Unauthorized"
}
This is the only route without authorization. Therefore there is no request in this route.
#[get("/public/hello")]
pub async fn hello_world() -> Json<&'static str> {
Json("Hello world")
}
{
"Hello world"
}
In this route, the server checks in the headers token if the token is valid then the server executes the program.
authorization
Bearer
(TOKEN)
authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGci....
the response will be a greeting with the user. If the database contains his first name and surname, then the program will greet you by the first name and surname; if not, the program will greet you by login
pub struct HelloNameResponse {
pub(crate) greetings: String,
}
{
"greetings": "Hello test"
}
Unauthorized
Status 401
{
"cause": "Unauthorized"
}