A comprehensive To-Do List REST API built with Rust, Actix Web, and MySQL featuring authentication, authorization, and middleware.
- ✅ RESTful API for Todo management
- ✅ MySQL Database with SQLX for data persistence
- ✅ JWT Authentication & Authorization
- ✅ Environment Variables with .env support
- ✅ Middleware for error handling and logging
- ✅ Clean Architecture with proper separation of concerns
- ✅ Input Validation using validator crate
- ✅ Password Hashing with bcrypt
- ✅ CORS Support for frontend integration
- ✅ Database Migrations with SQLX
The project follows a clean architecture pattern:
```
src/
├── config/        # Configuration management
├── models/        # Database models
├── dto/           # Data Transfer Objects
├── repositories/  # Database access layer
├── services/      # Business logic layer
├── handlers/      # HTTP request handlers
├── middleware/    # Custom middleware
└── utils/         # Utility functions
```
- Rust 1.70+
- MySQL 8.0+
- Cargo
- Copy the example environment file:

```bash
cp .env.example .env
```

- Update the `.env` file with your database credentials:

```env
DATABASE_URL=mysql://username:password@localhost:3306/todo_db
SERVER_HOST=127.0.0.1
SERVER_PORT=8080
JWT_SECRET=your-super-secret-jwt-key-change-this-in-production
JWT_EXPIRATION=24h
RUST_LOG=debug
ENVIRONMENT=development
```

- Create a MySQL database:

```sql
CREATE DATABASE todo_db;
```

- Clone the repository
- Install dependencies:

```bash
cargo build
```

- Run the application:

```bash
cargo run
```

The server will start on http://127.0.0.1:8080
- `POST /api/v1/auth/register` - Register a new user
- `POST /api/v1/auth/login` - Login user
- `GET /api/v1/auth/me` - Get current user (requires auth)

- `POST /api/v1/todos` - Create a new todo (requires auth)
- `GET /api/v1/todos` - Get todos with pagination (requires auth)
- `GET /api/v1/todos/{id}` - Get specific todo (requires auth)
- `PUT /api/v1/todos/{id}` - Update todo (requires auth)
- `DELETE /api/v1/todos/{id}` - Delete todo (requires auth)

- `GET /health` - Server health check
```bash
curl -X POST http://localhost:8080/api/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{
    "username": "johndoe",
    "email": "john@example.com",
    "password": "password123"
  }'
```

```bash
curl -X POST http://localhost:8080/api/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "username": "johndoe",
    "password": "password123"
  }'
```

```bash
curl -X POST http://localhost:8080/api/v1/todos \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -d '{
    "title": "Buy groceries",
    "description": "Milk, eggs, bread",
    "priority": "medium",
    "due_date": "2024-12-31T10:00:00Z"
  }'
```

```bash
curl -X GET "http://localhost:8080/api/v1/todos?page=1&per_page=10" \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"
```

- `User` - User entity with authentication data
- `Todo` - Todo item with priority levels and timestamps
- Request/Response objects for API endpoints
- Input validation using the `validator` crate
- `AuthService` - Handles user registration, login, and JWT operations
- `TodoService` - Manages todo CRUD operations

- `AuthMiddleware` - JWT token validation and user extraction
- `LoggingMiddleware` - Request/response logging
- Custom `AppError` enum for different error types
- Automatic HTTP status code mapping
- Structured error responses
- Password hashing with bcrypt
- JWT token-based authentication
- Request validation
- SQL injection protection through SQLX
- CORS configuration
The application uses two main tables:
- `id` (UUID, Primary Key)
- `username` (Unique)
- `email` (Unique)
- `password_hash`
- `created_at`, `updated_at`

- `id` (UUID, Primary Key)
- `user_id` (Foreign Key to users)
- `title`
- `description` (Optional)
- `completed` (Boolean)
- `priority` (Enum: low, medium, high)
- `due_date` (Optional)
- `created_at`, `updated_at`
```bash
cargo test
cargo fmt
cargo clippy
```

- Set `ENVIRONMENT=production` in your `.env`
- Use a strong
JWT_SECRET - Configure proper database credentials
- Set up reverse proxy (nginx/Apache)
- Enable SSL/TLS
- Configure proper logging levels
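
The checklist above can be enforced at startup instead of being left to memory. The following is an added example, not code from this project: a hypothetical `production_findings` function (standard library only) that checks the settings from the sample `.env`. The 32-byte minimum secret length and the finding messages are assumptions.

```rust
use std::collections::HashMap;

// Placeholder values taken from the sample .env shown in this README.
const SAMPLE_JWT_SECRET: &str = "your-super-secret-jwt-key-change-this-in-production";
const SAMPLE_DB_CREDS: &str = "username:password@";
// Assumption: 32 bytes is the minimum acceptable secret length.
const MIN_SECRET_LEN: usize = 32;

// Missing variables are treated as empty strings.
fn var<'a>(env: &HashMap<&str, &'a str>, key: &str) -> &'a str {
    env.get(key).copied().unwrap_or("")
}

/// Hypothetical preflight check: one finding per production-checklist item
/// the settings fail. Outside production it reports nothing.
pub fn production_findings(env: &HashMap<&str, &str>) -> Vec<String> {
    let mut findings = Vec::new();
    if var(env, "ENVIRONMENT") != "production" {
        return findings;
    }
    let secret = var(env, "JWT_SECRET");
    if secret == SAMPLE_JWT_SECRET {
        findings.push("JWT_SECRET is still the sample placeholder".to_string());
    } else if secret.len() < MIN_SECRET_LEN {
        findings.push(format!("JWT_SECRET is shorter than {} bytes", MIN_SECRET_LEN));
    }
    let db = var(env, "DATABASE_URL");
    if db.is_empty() || db.contains(SAMPLE_DB_CREDS) {
        findings.push("DATABASE_URL is unset or uses the sample credentials".to_string());
    }
    let log = var(env, "RUST_LOG").to_ascii_lowercase();
    if log.contains("debug") || log.contains("trace") {
        findings.push("RUST_LOG enables debug/trace output".to_string());
    }
    findings
}

fn main() {
    // Constructed input: the README's sample .env with ENVIRONMENT set to production.
    let env = HashMap::from([
        ("ENVIRONMENT", "production"),
        ("JWT_SECRET", SAMPLE_JWT_SECRET),
        ("DATABASE_URL", "mysql://username:password@localhost:3306/todo_db"),
        ("RUST_LOG", "debug"),
    ]);
    for finding in production_findings(&env) {
        eprintln!("config error: {finding}");
    }
}
```

A caller would refuse to bind the server socket when the returned list is non-empty.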
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests if applicable
- Submit a pull request
This project is licensed under the MIT License.