revelation-user

Professional user domain for Rust web applications

Authentication, authorization, and user management — batteries included

Table of Contents

• Features
• Installation
• Quick Start
• Core Types
• Framework Integration
• Extending Users
• RBAC Permissions
• Code Coverage

Features

• Multiple Auth Methods — Telegram, Email, Phone authentication out of the box
• JWT Claims — Type-safe claims with expiration and role checking
• RBAC Permissions — Fine-grained permission system with bitflags
• Framework Extractors — Zero-boilerplate auth for Axum and Actix-web
• Projections — Type-safe views that prevent accidental data leaks
• Extensible — extend_user! macro for application-specific fields
• Entity-Derive Integration — Auto-generated DTOs via entity-derive

Installation

[dependencies]
revelation-user = { version = "0.1", features = ["axum"] }

Available Features

Note: axum and actix features are mutually exclusive.

Quick Start

use revelation_user::{RUser, Claims, RUserRole};

// Create user from authentication
let user = RUser::from_telegram(123456789);
let user = RUser::from_email("user@example.com");
let user = RUser::from_phone("+14155551234");

// Create JWT claims
let exp = (chrono::Utc::now().timestamp() + 3600) as usize;
let claims = Claims::new(user.id, RUserRole::User, exp);

// Check permissions
assert!(!claims.is_expired());
assert!(!claims.is_admin());

Core Types

Entity

Projections

DTOs

Framework Integration

Axum

use axum::{Router, Json, routing::get};
use revelation_user::{Claims, RUserPublic};

async fn me(claims: Claims) -> Json<RUserPublic> {
    // Claims extracted from JWT cookie or Authorization header
    todo!()
}

let app = Router::new().route("/me", get(me));

Actix-web

use actix_web::{web, HttpResponse};
use revelation_user::Claims;

async fn me(claims: Claims) -> HttpResponse {
    HttpResponse::Ok().json(claims.user_id())
}

Extending Users

Use the extend_user! macro for application-specific fields:

use revelation_user::{extend_user, RUser};
use uuid::Uuid;

extend_user! {
    /// Corporate user with company-specific fields.
    pub struct CorpUser {
        pub company_id: Uuid,
        pub department: String,
    }
}

let user = CorpUser::from_telegram(123456789)
    .name("John")
    .then()
    .company_id(Uuid::now_v7())
    .department("Engineering")
    .build();

// Access RUser fields via Deref
assert!(user.telegram_id.is_some());

RBAC Permissions

Fine-grained permission system:

use revelation_user::{Permissions, RUserRole, Role};

// Check role permissions
let role = RUserRole::Premium;
assert!(role.can(Permissions::READ));
assert!(role.can(Permissions::WRITE));

// Admin has all permissions
let admin = RUserRole::Admin;
assert!(admin.can(Permissions::all()));

// Custom permission checks in Claims
let claims = Claims::new(uuid::Uuid::now_v7(), RUserRole::User, exp);
assert!(claims.can(Permissions::READ));

Permission Flags

Code Coverage

We maintain high test coverage to ensure reliability. Below are visual representations of our codebase coverage:

Sunburst

The inner circle represents the entire project. Moving outward: folders, then individual files. Size = number of statements, color = coverage percentage.

Grid

Each block represents a file. Size = number of statements, color = coverage level (green = high, red = low).

Icicle

Hierarchical view: top = entire project, descending through folders to individual files. Size and color represent statements and coverage.

License

MIT