Backend Development
Open Source

Strawberry & Sugar: High-Performance Actix-Web & SQLx API

RustSQLActix-WebPostgreSQLSQLxArgon2JWTValidator

A high-performance Rust backend built on Actix-Web and SQLx, featuring compile-time query verification, Argon2 hashing, and strict role-based access control (RBAC).

Tech Stack

RustSQLActix-WebPostgreSQLSQLxArgon2JWTValidator

System Metrics

Database connection pooling is handled asynchronously via `PgPoolOptions`, completely preventing thread blocking even under massive network I/O loads
Application state (`AppState`) is distributed safely across all worker threads via Actix-Web's `web::Data` utilizing Atomic Reference Counting (Arc) for zero-copy memory efficiency
Heavy CPU-bound cryptography operations (Argon2) are properly structured to prevent blocking the core async runtime loop

Why Did I Build This?

"Mainstream web frameworks often compromise on performance or lack strict memory safety. My goal was to build a blazingly fast, leak-proof backend architecture using Actix-Web and SQLx, taking advantage of Rust's zero-cost abstractions. I needed a secure system with strict role-based access control (RBAC), and having database queries checked at compile-time was an absolute necessity for me to avoid runtime surprises."

Architecture & Decisions

The architecture relies heavily on Actix-Web's asynchronous actor model and SQLx's compile-time query verification. Authentication utilizes Argon2id for password hashing and embeds JWTs directly into `HttpOnly` cookies. Instead of standard middleware, route security is enforced via a custom `AuthenticatedUser` extractor implementing Actix's `FromRequest` trait; this drops unauthorized payloads at the memory level before they ever hit the controller layer. Custom PostgreSQL `ENUM` types (`user_role`, `petition_status`) are mapped strictly 1:1 with Rust structs, and critical administrative operations are executed within tight transaction (`tx`) blocks to guarantee ACID compliance.

Key Features

  • 01.Autonomous JWT and Cookie-based authentication extractor implemented natively via Actix's `FromRequest` trait
  • 02.Hierarchical Role-Based Access Control (RBAC) mapped perfectly to native PostgreSQL custom types
  • 03.Asynchronous, compile-time verified database queries using SQLx, inherently eliminating SQL injection vectors
  • 04.An integrated Audit Log infrastructure that tracks all administrative mutations atomically within database transactions
  • 05.Incoming payload validation at the edge of the controller layer leveraging the `validator` crate
The strongest aspect of this project is the extremely tight coupling between the database schema and the backend runtime. Instead of relying on raw string queries, validating SQL at compile-time via SQLx eliminates an entire class of runtime errors before the code even deploys. Furthermore, leveraging Actix's `FromRequest` trait to handle route protection via parameter injection keeps the codebase incredibly clean and makes bypassing authorization checks virtually impossible at the memory level.