This project is a demonstration of an Identity and Access Management (IAM) system built with Rust. It showcases various security features and best practices, including:
- Secure password handling (hashing) using Argon2id with salt
- User data encryption and decryption with ChaCha20-Poly1305
- Configuration via environment variables
The project uses Actix-web for building the server and provides basic endpoints for user registration and health checks. It also includes modules for database interaction, encryption, hashing, and logging.
Note: This project is purely a demonstration and is not intended for production use.
In addition, the project also shows a fundamental understanding of databases and front-end web technologies.
To get a local copy up and running follow these simple steps.
- Rust
- Cargo
- Clone the repo
    git clone https://github.com/lowpolycat1/gameshop.git
- Rename the env_example file to .env and change the settings
    SERVER_IP = "0.0.0.0"
    SERVER_PORT = "8080"
    DOCKER_EXPOSED_PORT = "8080"
    DATABASE_PATH = "rocksdb:/var/lib/surrealdb"
    ENCRYPTION_KEY = "00000000000000000000000000000000"
    DATABASE_NAMESPACE = "test"
    DATABASE_NAME = "test"
- Build the project
    cargo build --release
- Run the project
    cargo run --release
- Clone the repo
    git clone https://github.com/lowpolycat1/gameshop.git
- Rename the env_example file to .env and change the settings
    SERVER_IP = "0.0.0.0"
    SERVER_PORT = "8080"
    DOCKER_EXPOSED_PORT = "8080"
    DATABASE_PATH = "rocksdb:/var/lib/surrealdb"
    ENCRYPTION_KEY = "00000000000000000000000000000000"
    DATABASE_NAMESPACE = "test"
    DATABASE_NAME = "test"
- Build the project
    docker build -t gameshop .
- Run the project
    docker run -d -p {SERVER_IP}:{SERVER_PORT}:{DOCKER_EXPOSED_PORT} gameshop
Alternatively, you can simply run the python script.
Note: Docker builds this in --release mode, which may take a good while (10+ min). If you want the build to be faster, you can remove the --release in the Dockerfile.
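A startup check for the ENCRYPTION_KEY setting from the .env step above, as an added example that is not code from the gameshop project: it parses the `KEY = "value"` format and rejects the all-zero placeholder from env_example. The function names, the assumption that the key's 32 ASCII bytes are used directly as the 256-bit ChaCha20-Poly1305 key, and the distinct-byte threshold are illustrative.

```rust
use std::collections::HashMap;

/// Parse `.env`-style lines of the form `KEY = "value"` (the layout shown in env_example).
fn parse_env(text: &str) -> HashMap<String, String> {
    text.lines()
        .map(str::trim)
        .filter(|l| !l.is_empty() && !l.starts_with('#'))
        .filter_map(|l| l.split_once('='))
        .map(|(k, v)| (k.trim().to_string(), v.trim().trim_matches('"').to_string()))
        .collect()
}

/// Validate ENCRYPTION_KEY before the server starts.
/// Assumption: the 32 ASCII bytes of the setting are used directly as the cipher key.
fn validate_key(cfg: &HashMap<String, String>) -> Result<[u8; 32], String> {
    let raw = cfg.get("ENCRYPTION_KEY").ok_or("ENCRYPTION_KEY is not set")?;
    if raw.len() != 32 {
        return Err(format!("ENCRYPTION_KEY must be 32 bytes, got {}", raw.len()));
    }
    let mut key = [0u8; 32];
    key.copy_from_slice(raw.as_bytes());

    // Heuristic (illustrative threshold): a randomly generated key has many
    // distinct bytes; the env_example placeholder has exactly one.
    let mut distinct = key.to_vec();
    distinct.sort_unstable();
    distinct.dedup();
    if distinct.len() < 8 {
        return Err("ENCRYPTION_KEY looks like a placeholder; generate a random one".into());
    }
    Ok(key)
}

fn main() {
    // Constructed sample: the unchanged placeholder settings from env_example.
    let sample = "SERVER_PORT = \"8080\"\n\
                  ENCRYPTION_KEY = \"00000000000000000000000000000000\"\n";
    match validate_key(&parse_env(sample)) {
        Ok(_) => println!("encryption key accepted"),
        Err(e) => eprintln!("refusing to start: {}", e),
    }
}
```
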
This is a demonstration of the project and can be used as a foundation to build upon. Use this space to show useful examples of how a project can be used. Additional screenshots, code examples and demos work well in this space. You may also link to more resources.
For more examples, please refer to the Documentation
- Secure config management using .env
- Password hashing using Argon2
- Data encryption using ChaCha20-Poly1305
- API endpoints
  - /register
  - /login
  - /change_username
  - /change_password
- Portability via Docker
- JWT Token authentication
- Rate limiting
- HTTPS everywhere for data in transit
- Implementing database Migration service
- API endpoints
  - /change_email
  - /reset_password
- Using a Cryptographically secure RNG
See the open issues for a full list of proposed features (and known issues).
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
Note: This project is not actively maintained.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
- Fork the Project
- Create your Feature Branch (git checkout -b feature/AmazingFeature)
- Commit your Changes (git commit -m 'Add some AmazingFeature')
- Push to the Branch (git push origin feature/AmazingFeature)
- Open a Pull Request
Distributed under the MIT License. See LICENSE.txt for more information.
lowpolycat1
Project Link: https://github.com/lowpolycat1/gameshop