RATTS

RATTS is a DevOps ready, starter web application featuring stateless JWT/JWE authentication and deferred persistence user registration, written in Rust with axum, tokio, SQLx, argon2, and lettre. It features an Angular frontend with a clear public/private split, mirroring the structure of modern web applications. On the backend, PostgreSQL provides persistence with a dedicated user table and full migration support.

---

made with Rust, Axum and Tokio, supporting any TypeScript UI

---

Deploy it locally with Docker

git clone https://github.com/gameinstance/ratts.git
cd ratts
cp -v .env.template .env
docker compose up --build

and test it on http://localhost:3000, checking emails with mailcatcher at http://localhost:1080.

---

Minimum requirement: Docker, optionally: Rust (1.80+) and Node.js (v18+).

Description

RATTS implements a stateless-first REST architecture: all regular requests are handled without server-side session storage. The backend handles API requests from /api and serves files located in ./static from the webserver root.

The frontend is technology-flexible, with Angular as the default, but any TypeScript framework can plug in seamlessly thanks to strongly-typed API contracts generated with ts-rs.

The repo comes with a multi-stage Dockerfile that builds the backend, the frontend and then packs the deployment image. The docker compose setup will build, if needed, and run the web application image. It fetches, initiates and runs the official PostgreSQL Docker image with storage volume. For testing purposes, a demo SMTP mailcatcher is launched to capture and display the emails sent by the webserver.

Reuse

To start your next application using RATTS, you must first change the credentials in .env and configure an actual SMTP server. You can then extend and improve it to your requirements. As an MIT creation, you are free to rebrand it.

cd ratts
sed -i 's/ratts/your_awesome_project/g' *
sed -i 's/RATTS/YourAwesomeProject/g' *

Features

• Authentication
  • JWT/JWE-based login
  • Argon2id password hashing
  • Short-lived access tokens
• Registration flow
  • Email verification with short TTL token
  • Deferred persistence user registration
• Security
  • Angular route guards for protected pages
  • Minimal and generic responses on failures
• User area
  • Public pages (home, about, login, register)
  • Private dashboard (accessible only after login)
• DevOps ready
  • Docker compose for build and deployment

Changelog

[1.2.1] - 2025/11/07

• Corrected Angular memory-leaks caused by unsubscribed observer subscriptions.

[1.2.0] - 2025/10/24

• New functionality

  • Added support for return-url on login.

• Breaking frontend changes

  • Re-organized frontend directory structure to improve feature development.
  • Split the monolithic app into lazy loaded chunks.
  • Added interceptor-based header patching on authenticated requests.
  • Corrected the use of observers for authentication service requests.

[1.1.0] - 2025/09/24

• Replaced JWT with JWE for improved token security/privacy.

[1.0.0] - 2025/08/20

• Initial release with core features.

---

License

License: MIT - feel free to use this as a starting point for your own projects.

---