Regressions fixed:
- gateway/src/worker.rs: missing session_manager field in AuthState (M3 regression)
- gateway/src/main.rs: same missing field in monolithic gateway
- storage/src/handlers.rs: removed unused validate_role (now handled by RlsTransaction)

M2 Storage Pillar — verified complete:
- StorageBackend trait with full API (put/get/delete/copy/head/list/multipart)
- AwsS3Backend implementation with streaming get_object
- StorageMode enum (Cloud/SelfHosted) in Config
- All routes: CRUD buckets, CRUD objects, copy, move, sign, public URL, health
- Bucket constraints: file_size_limit + allowed_mime_types enforced on upload
- TUS resumable uploads with S3 multipart (5MB chunking)
- Image transforms run via spawn_blocking
- docker-compose.pillar-storage.yml, templates/storage-node.yaml
- Shared Docker network on all pillar compose files

M3 Auth Completeness — verified complete:
- POST /logout revokes refresh tokens + Redis sessions
- GET /settings returns provider availability
- POST /magiclink with hashed token storage
- DELETE /user soft-delete with token revocation
- Recovery flow accepts new password
- Email change requires re-verification via token
- OAuth callback redirects with fragment tokens
- MFA verify returns aal2 JWT with amr claims
- MFA challenge validates factor ownership
- SessionManager wired into login/logout
- GET /sessions returns active sessions
- Configurable ACCESS_TOKEN_LIFETIME
- Claims model extended with session_id, aal, amr

Tests: 62 passed, 0 failed, 11 ignored (external services)
Warnings: 0

Made-with: Cursor

MadBase
MadBase is an open-source, high-performance Backend-as-a-Service (BaaS) written in Rust. It serves as a lightweight alternative to Supabase, providing a comprehensive suite of tools for building modern web and mobile applications.
🚀 Features
MadBase consolidates the following services into a single, efficient binary:
- 🔐 Authentication (/auth/v1)
  - User Signup & Login (Email/Password).
  - JWT-based Session Management.
  - Row Level Security (RLS) integration with PostgreSQL.
- 💾 Data API (/rest/v1)
  - Auto-generated REST API for your Postgres tables.
  - CRUD operations (Select, Insert, Update, Delete).
  - Filtering, Pagination, and Ordering.
  - Stored Procedure (RPC) calls.
- ⚡ Realtime (/realtime/v1)
  - WebSocket-based event streaming.
  - Listen to database changes via Postgres LISTEN/NOTIFY.
- 📦 Storage (/storage/v1)
  - S3-compatible object storage (backed by MinIO).
  - File Upload, Download, and Management.
  - Integrated RLS permissions for buckets and objects.
- 🎛️ Control Plane (/platform/v1)
  - Project Management.
  - Automatic API Key Generation (anon and service_role).
🛠️ Architecture
MadBase is built as a modular monolith in Rust, utilizing the Axum web framework for high performance and low latency.
- Gateway: The central entry point that routes requests to appropriate internal modules.
- PostgreSQL: The primary database for data, auth, and system state.
- MinIO: S3-compatible object storage.
🏁 Getting Started
Prerequisites
- Rust (latest stable)
- Docker & Docker Compose (for DB and MinIO)
- PostgreSQL Client (optional, for debugging)
Installation
- Clone the repository:
  git clone https://github.com/yourusername/madbase.git
  cd madbase
- Start Infrastructure: Spin up PostgreSQL and MinIO using Docker Compose:
  docker-compose up -d
- Run Migrations: Initialize the database schema:
  sqlx migrate run
  (Note: You may need to install sqlx-cli: cargo install sqlx-cli)
- Start the Gateway: Run the main server:
  cargo run -p gateway
  The server will start at http://0.0.0.0:8000.
📖 Usage Guide
1. Create a Project
Use the Control Plane to initialize a project and get your API keys.
curl -X POST http://localhost:8000/platform/v1/projects \
-H "Content-Type: application/json" \
-d '{"name": "my-awesome-app"}'
Response:
{
"id": "...",
"anon_key": "eyJ...",
"service_role_key": "eyJ...",
...
}
Save the anon_key and service_role_key!
2. Authentication
Sign up a new user:
curl -X POST http://localhost:8000/auth/v1/signup \
-H "apikey: <ANON_KEY>" \
-H "Content-Type: application/json" \
-d '{"email": "user@example.com", "password": "securepassword"}'
3. Data Operations
Query a table (e.g., users):
curl -X GET "http://localhost:8000/rest/v1/users?select=*" \
-H "apikey: <ANON_KEY>" \
-H "Authorization: Bearer <USER_ACCESS_TOKEN>"
4. Realtime
Connect via WebSocket:
ws://localhost:8000/realtime/v1
5. Storage
Upload a file:
curl -X POST http://localhost:8000/storage/v1/object/my-bucket/image.png \
-H "apikey: <ANON_KEY>" \
-H "Authorization: Bearer <USER_ACCESS_TOKEN>" \
-F "file=@./local-image.png"
🗺️ Roadmap
See ROADMAP.md for detailed progress and future plans.
📄 License
MIT