Axum + Tokio API Starter
This project is a minimal Axum API skeleton written in Rust. It also includes a basic account flow with JWT access/refresh tokens.
For detailed technical documentation, see docs/IMPLEMENTATION.md.
For the admin panel getting-started document, see docs/ADMIN_PANEL_PLAN.md.
Feature Summary
- Account system based on JWT access/refresh tokens
- Swagger / OpenAPI document
- Multipart image upload
- Query-based image process endpoint
- Image listing and variant stream endpoints
- SeaORM entity + migration structure
- Local filesystem storage (uploads/originals, uploads/variants)
- Separate admin panel skeleton (admin-panel/)
- Dynamic CORS (DB-backed whitelist/blacklist + Redis cache/rate limit)
Note: When the CORS migrations run, the known frontend ports
(5173, 4173, 3001 for localhost/127.0.0.1) are seeded into the cors_origins table as whitelist entries;
sample blacklist entries are also added.
Project Structure
- src/main.rs -> application bootstrap and server startup only
- src/app/mod.rs -> general routes (/, /health, /db/ping) and router composition
- src/auth/mod.rs -> account endpoints and JWT/password operations
- src/images/ -> image controller/service/repository/dto/model/processor layers
- src/entities/ -> SeaORM entity definitions
- src/migration/ -> migration files for the auth and image tables
- src/state/mod.rs -> AppState, auth state and env-based init
- src/error/mod.rs -> global JSON error model and ApiError
- src/telemetry/mod.rs -> tracing setup
- src/tests/mod.rs -> endpoint tests
- admin-panel/ -> React + TypeScript admin panel MVP
Flow Summaries
Auth
- register/login produces a token pair
- refresh performs token rotation
- the me endpoint returns the active user
Image Upload
- The bearer token is verified
- The original file is written under uploads/originals
- A variant is produced with the requested format/dimension
- The variant file is written under uploads/variants
- If the DB is active, metadata is saved to the images and image_variants tables
- GET /api/v1/images lists the records
- GET /api/v1/images/{id}/variant streams the latest variant
Endpoints
- GET / -> simple informational message
- GET /health -> JSON health response
- GET /db/ping -> tests the DB connection with SELECT 1
- POST /api/v1/auth/register -> creates an account and returns the token pair
- POST /api/v1/auth/login -> logs in and returns the token pair
- POST /api/v1/auth/refresh -> performs token rotation with the refresh token
- POST /api/v1/auth/logout -> ends the session of the given refresh token
- GET /api/v1/auth/me -> returns the active user for the access token
- GET /api/v1/images/process -> validates image processing parameters from the query (token required)
- POST /api/v1/images/process -> uploads an image via multipart form-data and applies the parameters
- GET /api/v1/images -> returns the list of stored image metadata (requires DB)
- GET /api/v1/images/{id}/variant -> streams the image's latest variant file as binary (requires DB)
- GET /api-docs/openapi.json -> OpenAPI JSON document
- GET /swagger-ui -> Swagger UI
Sample /health response:
{"status":"ok"}
Sample error format:
{
  "error": {
    "code": "NOT_FOUND",
    "message": "Istenen endpoint bulunamadi"
  }
}
Running
For the environment variables, first copy the sample file and fill in the values:
cp .env.example .env
Then enter your own secret values in the .env file.
cargo run
Default address:
http://0.0.0.0:3000
Running with Docker
Dockerfile, .dockerignore and docker-compose.yml files have been added to the project.
In this setup Compose brings up only the API (and optionally the admin panel).
PostgreSQL and Redis must already be running externally.
- Create the sample Docker env file:
cp .env.docker.example .env.docker
- Build and start the services:
docker compose --env-file .env.docker up --build -d
To also start the frontend (admin panel), run with the profile:
docker compose --env-file .env.docker --profile frontend up --build -d
- Follow the logs:
docker compose logs -f api
- Stop the services:
docker compose down
If you only want to shut down the frontend profile:
docker compose stop admin-panel
Persistent volumes:
uploads_data -> uploads/originals and uploads/variants
Endpoints inside Docker:
- API: http://127.0.0.1:3000
- Admin panel (when the frontend profile is enabled): http://127.0.0.1:5173
- Swagger: http://127.0.0.1:3000/swagger-ui
- OpenAPI JSON: http://127.0.0.1:3000/api-docs/openapi.json
Note: There is no reverse proxy; the frontend reaches the API directly from the browser
using the VITE_API_BASE_URL value (default: http://127.0.0.1:3000).
Note: By default the API container talks to external services through host.docker.internal.
If needed, update the DATABASE_URL and REDIS_URL values in .env.docker
for your own environment.
For a different port:
PORT=8080 cargo run
To run with a DB connection:
DATABASE_URL="postgres://kullanici:sifre@localhost:5432/veritabani" cargo run
To run with Redis:
REDIS_URL="redis://127.0.0.1:6379" cargo run
To change the request log level:
RUST_LOG=debug,tower_http=info cargo run
JWT settings (optional):
JWT_SECRET="cok-gizli-anahtar"
JWT_ISSUER="web-api"
ADMIN_EMAILS="admin@example.com"
ACCESS_TOKEN_TTL_SECS=900
REFRESH_TOKEN_TTL_SECS=604800
Swagger UI on/off:
ENABLE_SWAGGER_UI=true
IMAGE_ACCESS_TOKEN=image-dev-token
IMAGE_UPLOAD_DIR=uploads/originals
IMAGE_VARIANT_DIR=uploads/variants
CORS_DEFAULT_ALLOW=false
CORS_ALLOW_LOCALHOST=true
CORS_RATE_LIMIT_PER_MINUTE=120
CORS_CACHE_TTL_SECS=300
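The dynamic CORS decision described above (whitelist/blacklist entries plus the CORS_DEFAULT_ALLOW and CORS_ALLOW_LOCALHOST flags), as an added example that is not the project's own code. The precedence order, the meaning given to the localhost flag, the blacklist entry, and the names CorsPolicy, parse_origin, is_origin_allowed and sample_policy are assumptions; the Redis cache and rate limit are left out.

```rust
use std::collections::HashSet;

pub struct CorsPolicy {
    pub whitelist: HashSet<String>,
    pub blacklist: HashSet<String>,
    pub default_allow: bool,   // CORS_DEFAULT_ALLOW
    pub allow_localhost: bool, // CORS_ALLOW_LOCALHOST (assumed: any port on localhost/127.0.0.1)
}

/// Normalize to (scheme://host[:port], host); anything else is rejected (fail closed).
fn parse_origin(origin: &str) -> Option<(String, String)> {
    let lower = origin.trim().to_ascii_lowercase();
    let (scheme, rest) = lower.split_once("://")?;
    let bad = |c: char| matches!(c, '/' | '?' | '#' | '@') || c.is_whitespace();
    if !matches!(scheme, "http" | "https") || rest.contains(bad) {
        return None;
    }
    let (host, port) = match rest.rsplit_once(':') {
        Some((h, p)) => (h, format!(":{}", p.parse::<u16>().ok()?)), // non-numeric port: reject
        None => (rest, String::new()),
    };
    if host.is_empty() { return None; }
    Some((format!("{}://{}{}", scheme, host, port), host.to_string()))
}

/// Assumed precedence: blacklist, whitelist, localhost flag, then the default.
pub fn is_origin_allowed(policy: &CorsPolicy, origin: &str) -> bool {
    let (key, host) = match parse_origin(origin) { Some(p) => p, None => return false };
    if policy.blacklist.contains(&key) { return false; }
    let local = policy.allow_localhost && matches!(host.as_str(), "localhost" | "127.0.0.1");
    policy.whitelist.contains(&key) || local || policy.default_allow
}

/// Constructed sample: the seeded dev ports plus one made-up blacklist entry.
pub fn sample_policy(allow_localhost: bool) -> CorsPolicy {
    let mut whitelist = HashSet::new();
    for host in ["localhost", "127.0.0.1"] {
        for port in [5173, 4173, 3001] {
            whitelist.insert(format!("http://{}:{}", host, port));
        }
    }
    let blacklist = HashSet::from(["http://localhost:9999".to_string()]);
    CorsPolicy { whitelist, blacklist, default_allow: false, allow_localhost }
}

fn main() {
    let policy = sample_policy(false);
    println!("{}", is_origin_allowed(&policy, "http://localhost:5173.evil.example"));
}
```

Origins are compared as whole scheme://host:port values, so a lookalike such as http://localhost:5173.evil.example is denied instead of being prefix-matched against a whitelisted entry.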
Auth Examples
Register:
curl -s -X POST http://127.0.0.1:3000/api/v1/auth/register \
-H 'content-type: application/json' \
-d '{"email":"demo@example.com","password":"Sup3rSifre!"}'
Login:
curl -s -X POST http://127.0.0.1:3000/api/v1/auth/login \
-H 'content-type: application/json' \
-d '{"email":"demo@example.com","password":"Sup3rSifre!"}'
Refresh:
curl -s -X POST http://127.0.0.1:3000/api/v1/auth/refresh \
-H 'content-type: application/json' \
-d '{"refresh_token":"<REFRESH_TOKEN>"}'
Me:
curl -s http://127.0.0.1:3000/api/v1/auth/me \
-H 'authorization: Bearer <ACCESS_TOKEN>'
Image process:
curl -s "http://127.0.0.1:3000/api/v1/images/process?w=800&format=webp&quality=80&crop=cover" \
-H 'authorization: Bearer image-dev-token'
Image upload (multipart):
curl -s -X POST http://127.0.0.1:3000/api/v1/images/process \
-H 'authorization: Bearer image-dev-token' \
-F "file=@/tmp/demo.jpg" \
-F "width=800" \
-F "format=webp" \
-F "quality=80" \
-F "crop=cover"
Image list:
curl -s "http://127.0.0.1:3000/api/v1/images?page=1&limit=10&q=demo&format=webp" \
-H 'authorization: Bearer <ACCESS_TOKEN>'
Image variant stream:
curl -L "http://127.0.0.1:3000/api/v1/images/<IMAGE_ID>/variant" \
-H 'authorization: Bearer <ACCESS_TOKEN>' \
-o variant-output.avif
Note: By default the uploaded original file is saved under uploads/originals and the processed output file under uploads/variants.
If the DB connection is active and the token is a JWT access token, metadata is written to the images and image_variants tables.
Test
cargo test
Running the Admin Panel
cd admin-panel
cp .env.example .env
npm install
npm run dev