Creating an API server in Rust with Actix, SQLx and JWT

Explore building a Rust API server with Actix, SQLx and JWT, implementing unauthenticated sign up and sign in, plus authenticated CRUD for categories and transactions and a running balance.

Explore the money flow database structure with three tables: users, categories, and transactions, detailing their essential columns, running totals, and timestamps.

Design an api organized into users, categories, and transactions, with sign in, sign up, profile management, and category and transaction create, read, update, and delete, including listing transactions by category.

Install and configure sql x and sql cli to manage migrations for a MySQL database in async rust project, noting compile-time queries and that sql x is not an orm.

Set up a MySQL database using a dot env file, run sqlx migrations, and create a users table with id, email, password, first name, last name, balance, createdat, and updatedat.

Create a categories table migration with sqlx migrate, adding id, user_id, name, description, balance, created_at, and updated_at. Establish user_id as a foreign key to users(id) with on delete cascade.

Learn how to create the transactions table via SQLx migrations in a Rust Actix API, adding category_id, type, amount, and memo with proper foreign keys and timestamps.

Learn to structure a Rust Actix web API by creating a controllers module, adding auth and user endpoints, and registering sign up, sign in, and me services in main.rs.

Define a signup request struct with email, password, first name, and last name, and deserialize JSON from the request body in Actix using serde derive while testing with signup data.

Test api endpoints with insomnia by sending a post request to the sign up endpoint using a json body with password, first name, and last name.

Implement sign up by checking email existence and creating an account, using a shared app state with a MySQL pool (sqlx) wrapped in a mutex and dot env for variables.

Use cargo watch to automatically rerun cargo run whenever you modify source code, eliminating manual restarts. Install cargo watch with cargo install and run it as cargo watch -x run.

Finish the signup by creating a new user record with email, first name, last name, and a bcrypt-hashed password (cost 12), then verify the record is stored.

Learn to return consistent JSON responses in an Actix web API, handling error and success messages with proper status codes (422 and 201) and correct JSON content type.

Create a jwt verification middleware in Rust with Actix to protect routes by extracting the authorization header, validating a bearer token, decoding with the secret, and storing the user id.

Apply the jwt verification middleware to an authenticated /api scope in main.rs. Exclude sign up and sign in, and move Getprofile and update profile inside the scope at /api/me.

Implement the get profile endpoint to fetch a user by id from the database pool, serialize the user to JSON with Chrono-based timestamp serialization, and omit the password.

Implement update profile endpoint by deserializing first and last name, updating the user in the database, and returning the updated user.

Refactor to add an async utility that extracts the authenticated user from the request and fetches it from the database. Use it in controllers to verify ownership.

Develop a categories API in Rust using Actix by building a controller with index, create, show, update, and destroy endpoints, wiring routes and registering services in the main app.

Implement the categories index endpoint to fetch all categories for a user, define the category struct (id, name, optional description, timestamps, balance, user id), and return JSON.

Implement a create category function in Rust with Actix, SQLx, and JWT, deserializing input, creating the category with name and optional description, and returning the created category by id.

Implement the update category endpoint in a Rust Actix API, verify user ownership, and update name and description, returning the updated category after a put request.

Delete a category by id in a Rust Actix SQLx JWT API, validating user ID, executing a simple delete query, returning ok with success status, and verifying via listing categories.

Replace unwraps with optional lookups for categories to handle missing records. Return 404 not found when a category doesn't exist and update create, show, update, and delete endpoints accordingly.

Outline a transactions api in Rust using Actix and SQLx by creating a controller, defining index, show, create, update, and destroy endpoints, and registering them in the main app.

Implement the index endpoint to list a user's transactions, using Actix and SQLx, with a serializable transaction struct and user-id extraction from the request.

Implement a create transaction endpoint in Rust with Actix, SQLx, and JWT, validating category ownership, inserting the transaction, and returning the created record while planning balance updates.

Validate user and category balances when creating a debit transaction, return an insufficient balance error if needed, and update the user and category balances after creation.

Test creates a transaction to update user and category balances to 1000 on success, and shows an insufficient balance error for a 2000 debit, using insomnia and a credit type.

Implement the show transaction endpoint by validating the user id, retrieving the transaction from the database, handling not-found errors, and returning the public transaction when the id matches.

Implement the update transaction endpoint to modify memo and optional description, derive deserialize for the UpdateTransactionRequest, verify user ownership, update via the database, and return the updated transaction.

List transactions in a category by creating a get /categories/{id}/transactions endpoint in the categories controller. Validate category ownership, then fetch all related transactions using the existing transactions logic.

Refactor the API server's transaction type checks by introducing is_credit and is_debit utilities to replace string comparisons and prevent typos.