11 releases

new 0.1.10 Feb 13, 2024
0.1.9 Feb 6, 2024
0.1.8 Jan 31, 2024
0.1.3 Dec 14, 2023
0.1.1 Nov 28, 2023

#66 in Cargo plugins

Download history 14/week @ 2023-10-27 5/week @ 2023-11-03 2/week @ 2023-11-10 4/week @ 2023-11-17 34/week @ 2023-11-24 31/week @ 2023-12-01 39/week @ 2023-12-08 12/week @ 2023-12-15 9/week @ 2023-12-22 35/week @ 2023-12-29 38/week @ 2024-01-05 7/week @ 2024-01-12 52/week @ 2024-01-19 50/week @ 2024-01-26 51/week @ 2024-02-02 75/week @ 2024-02-09

230 downloads per month

MPL-2.0 license

1.5K SLoC

DivviUp API Server and web app


  • Coverage Status
  • Rust CI
  • TypeScript CI
  • Docker Build

API Specification:

TODO: This will either be an inline description of the API or a link to another markdown document or swagger definition

Configuring and running

System requirements

Setting up Auth0

TODO: This section will be updated with step-by-step instructions to configure auth0 for this application from scratch.

Required environment variables

An example .envrc is provided for optional but recommended use with direnv.

  • AUTH_URL -- The Auth0-hosted base url that we use for identity (see auth0 config section)
  • API_URL -- The public-facing base url for this application
  • AUTH_CLIENT_ID -- Auth0-provided client id (see auth0 config section)
  • AUTH_CLIENT_SECRET -- Auth0-provided client secret (see auth0 config section)
  • SESSION_SECRETS -- Comma-joined base64url-encoded, without padding, cryptographically-randomly secrets that are each at least 32 bytes long after base64url decoding. The first one will be used for new sessions.
  • AUTH_AUDIENCE -- The OAuth 2 audience, for use when authenticating users via Auth0
  • APP_URL -- The public-facing url for the associated browser client application
  • DATABASE_URL -- A libpq-compatible postgres uri
  • POSTMARK_TOKEN -- the token from the transactional stream from a postmark account
  • EMAIL_ADDRESS -- the address this deployment should send from
  • DATABASE_ENCRYPTION_KEYS -- Comma-joined url-safe-no-pad base64'ed 16 byte cryptographically-random keys. The first one will be used to encrypt aggregator API authentication tokens at rest in the database

Optional binding environment variables

  • HOST -- default "localhost", on unix-like systems, the server can also be configured to bind to bsd/berkeley sockets by setting HOST to a filesystem path, in which case PORT is ignored
  • PORT -- default 8080
  • LISTEN_FD -- if supplied on unix-like systems, if this is set to an open file descriptor number, the server will listen to that fd
  • OTEL_EXPORTER_PROMETHEUS_HOST -- default "localhost"
  • ASSET_DIR -- set this to skip building the react app and include react app assets from a different directory

Initial setup

Migrating the database

  • First, create the database referred to by DATABASE_URL in your environment. This may an invocation of createdb if running locally.
  • cargo run -p migration -- up will bring the application up to the current schema
  • For more options, execute cargo run -p migration -- --help emits this:
cargo run -p migration -- --help
sea-orm-migration 0.11.0

    migration [OPTIONS] [SUBCOMMAND]

    -h, --help
            Print help information

    -s, --database-schema <DATABASE_SCHEMA>
            Database schema
             - For MySQL and SQLite, this argument is ignored.
             - For PostgreSQL, this argument is optional with default value 'public'.
            [env: DATABASE_SCHEMA=]

    -u, --database-url <DATABASE_URL>
            Database URL
            [env: DATABASE_URL=postgres://localhost/divviup_dev]

    -v, --verbose
            Show debug messages

    -V, --version
            Print version information

            Initialize migration directory
            Generate a new, empty migration
            Drop all tables from the database, then reapply all migrations
            Rollback all applied migrations, then reapply all migrations
            Rollback all applied migrations
            Check the status of all migrations
            Apply pending migrations
            Rollback applied migrations
            Print this message or the help of the given subcommand(s)

Installing npm dependencies

$ cd app && npm ci && cd -

Running the server

This service has dependencies on several external services. In order to support development and testing, there is an api-mocks cargo feature to stub out all external services including aggregator apis, auth0, and postmark.

As such, to run a standalone development server,

$ cargo run --features api-mocks

Embedded React App

If an environment variable ASSET_DIR is available, all files in that directory will be served as a virtual host on APP_URL.

$ cd app && npm ci && npm run build && cd - && env ASSET_DIR=app/build cargo run

Running the React development server

Configure the rust app environment to point APP_URL to whatever port you're using here, eg env APP_URL=http://localhost:8082 cargo run --features api-mocks

$ cd app && PORT=8082 npm start

Security Notes

  • We do not have CSRF protections because we only accept a custom content type for non-idempotent request methods such as POST, and have constrained CORS rules.


~1M SLoC