Rust Web-Applicationserver with Rocket

Self-contained System.

Basic pre-configured Rust Webserver with Rocket, CORS, CSRF, Fileserver for Tera-Templates and static assets.

Status

Still under development

Features

• Rust programming language

• Rocket webframework

• Self-contained System with Web-based Userinterface

• CORS

• CSRF (Argon2)

• Rocket Fileserver with automatic static asset support

• template-based UI with Tera, JS and CSS support

• responsive web design with CSS3 (mobile first)

• i18n UI frontend support with JSON (Browser auto-detection and switchable)

• dark-/light-mode switchable

• remote shutdown (shutdown API)

• logfiles with typical log-levels

• configured error-handling (400, 404, 422, 500)

• display current application-log

• configure CSRF fairing for put/delete/post

• tbd.

HISTORY:

Version	Date	Developer	Comments
0.1.0	2023-12-16	RZheng	created
0.1.1	2024-01-07	RZheng	added: user/loginform

Authors

• @Zheng-Bote

License

API Reference

Landing Page

loads the landing page with some explanations

  GET /

Returns: HTML page (template)

user/login

load login-form

  GET /user/login

Parameter	Type	Description
none	html	loads login-form

Returns: HTML page (template)

assets/static content

Fileserver provides static assets

  GET /assets/<index.html>

Parameter	Type	Description
none	mime-type	loads static asset

Returns: static asset, auto-detection of mime-type

shutdown Rocket webserver

gracefull shutdown the rocket webserver

not yet secured, accessable for everyone

  GET /shutdown

Parameter	Type	Description
none	GET	system shutdown

Returns: Shuting down the application.

Setup

Environment Variables

To run this project, you will need to add the following environment variables to your .env file (see example: env_example)

DATABASE_URL="postgres://username:password@dbhost:port/database"

For production, you need to configure Rocket secret_key or disable it in your Rocket.toml

Database

not implemented within this template

Logfile

stored in <appfolder>/logs/application.log

no log rotation implemented

default logging mode: normal

run

cargo run

build release

cargo build --release

Security

the following CORS are defined (in main.rs):

response.set*header(Header::new("Access-Control-Allow-Origin", "*"));
response.set*header(Header::new("Access-Control-Allow-Methods", "POST, GET, PATCH, OPTIONS", ));
response.set_header(Header::new("Access-Control-Allow-Headers", "*"));
response.set_header(Header::new("Access-Control-Allow-Credentials", "true"));

response.set_header(Header::new("Strict-Transport-Security", "max-age=63072000"));

please be aware of "Strict-Transport-Security"

The CSRF token is build with Argon2

Screenshots

Startpage

Example with english language (Example comes with EN and DE).

Header area with left hand brand icon and brand title

Header area with right hand navigation icons (toggle Language, toggle mode, login)

Startpage

Example with german language (Example comes with EN and DE).

dark mode / light mode

user/loginform

Fileserver/static assets

the end

🖖

(back to top)