RustAPI/crates/rustapi-extras/Cargo.toml at 568be775f0963e64e7b59f0c7cb78a20f7fac9cd · Tuntii/RustAPI · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
[package]
name = "rustapi-extras"
description = "Production-ready middleware collection for RustAPI. Includes JWT auth, CORS, Rate Limiting, SQLx integration, and OpenTelemetry observability."
documentation = "https://docs.rs/rustapi-extras"
version.workspace = true
edition.workspace = true
authors.workspace = true
license.workspace = true
repository.workspace = true
homepage.workspace = true

[dependencies]
# Core dependency
rustapi-core = { workspace = true }
rustapi-openapi = { workspace = true }

# Async
tokio = { workspace = true, features = ["rt", "sync", "time"] }
futures-util = { workspace = true }
async-trait = { workspace = true }

# HTTP
http = { workspace = true }
bytes = { workspace = true }
http-body-util = { workspace = true }

# Serialization
serde = { workspace = true }
serde_json = { workspace = true }

# Utilities
thiserror = { workspace = true }
tracing = { workspace = true }

# JWT (feature-gated)
jsonwebtoken = { version = "9.3", optional = true }

# Rate limiting (feature-gated)
dashmap = { version = "6.0", optional = true }

# SQLx (feature-gated)
sqlx = { version = "0.8", optional = true, default-features = false }

# Diesel (feature-gated)
diesel = { version = "2.2", optional = true, default-features = false, features = ["r2d2"] }
r2d2 = { version = "0.8", optional = true }

# Configuration (feature-gated)
dotenvy = { version = "0.15", optional = true }
envy = { version = "0.4", optional = true }

# Cookies (feature-gated)
cookie = { version = "0.18", optional = true }
redis = { version = "0.27", optional = true, default-features = false, features = ["tokio-comp"] }

# Insight (feature-gated) - reuses dashmap from rate-limit
urlencoding = { version = "2.1", optional = true }

# HTTP client for webhook exporter (feature-gated)
reqwest = { version = "0.12", optional = true, default-features = false, features = ["json", "rustls-tls"] }

# OpenTelemetry (feature-gated)
opentelemetry = { version = "0.31", optional = true }
opentelemetry_sdk = { version = "0.31", optional = true, features = ["rt-tokio"] }
opentelemetry-otlp = { version = "0.31", optional = true }
opentelemetry-semantic-conventions = { version = "0.31", optional = true }
tracing-opentelemetry = { version = "0.32", optional = true }

# CSRF (feature-gated)
rand = { version = "0.8", optional = true }
base64 = { version = "0.22", optional = true }

# OAuth2 (feature-gated)
sha2 = { version = "0.10", optional = true }

# Replay (feature-gated)
uuid = { workspace = true, optional = true }

[dev-dependencies]
tokio = { workspace = true, features = ["macros", "rt-multi-thread"] }
proptest = "1.4"
rustapi-core = { workspace = true, features = ["test-utils"] }
rustapi-testing = { workspace = true }
tempfile = "3.26"
serial_test = "3.4"

[features]
default = []

# Individual  features
jwt = ["dep:jsonwebtoken"]
cors = []
rate-limit = ["dep:dashmap"]
config = ["dep:dotenvy", "dep:envy"]
cookies = ["dep:cookie"]
sqlx = ["dep:sqlx"]
sqlx-postgres = ["sqlx", "sqlx/postgres", "sqlx/runtime-tokio"]
sqlx-mysql = ["sqlx", "sqlx/mysql", "sqlx/runtime-tokio"]
sqlx-sqlite = ["sqlx", "sqlx/sqlite", "sqlx/runtime-tokio"]
diesel = ["dep:diesel", "dep:r2d2"]
diesel-postgres = ["diesel", "diesel/postgres"]
diesel-mysql = ["diesel", "diesel/mysql"]
diesel-sqlite = ["diesel", "diesel/sqlite"]
insight = ["dep:dashmap", "dep:urlencoding"]
webhook = ["insight", "dep:reqwest"]

# Phase 11 features
timeout = []
guard = ["jwt"]  # Guard requires JWT for auth
logging = []
circuit-breaker = []
retry = []
security-headers = []
api-key = []
cache = ["dep:dashmap"]
dedup = ["dep:dashmap"]
sanitization = []

# Phase 5: Observability features
otel = ["dep:opentelemetry", "dep:opentelemetry_sdk", "dep:opentelemetry-otlp", "dep:opentelemetry-semantic-conventions", "dep:tracing-opentelemetry"]
structured-logging = []

# Phase 6: Security features
csrf = ["dep:cookie", "dep:rand", "dep:base64"]
oauth2-client = ["dep:sha2", "dep:rand", "dep:base64", "dep:reqwest", "dep:urlencoding"]
audit = ["dep:rand"]
session = ["dep:cookie", "dep:uuid"]
session-redis = ["session", "dep:redis"]

# Replay (time-travel debugging)
replay = ["dep:reqwest", "dep:dashmap", "dep:uuid", "rustapi-core/replay"]

# Meta feature that enables all security features
extras = ["jwt", "cors", "rate-limit"]

# Observability meta feature
observability = ["otel", "structured-logging"]

# Full feature set (retry temporarily disabled)
full = ["extras", "config", "cookies", "sqlx", "insight", "webhook", "timeout", "guard", "logging", "circuit-breaker", "security-headers", "api-key", "cache", "dedup", "sanitization", "retry", "otel", "structured-logging", "csrf", "oauth2-client", "audit", "session", "session-redis", "replay"]