aegis-server 0.1.7

API server for Aegis database
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173

<p align="center">
  <img src="https://raw.githubusercontent.com/AutomataNexus/Aegis-DB/main/AegisDB-logo.png" alt="AegisDB Logo" width="300">
</p>

# aegis-server

<p align="center">
  <a href="https://opensource.org/licenses/Apache-2.0"><img src="https://img.shields.io/badge/License-Apache%202.0-blue.svg" alt="License"></a>
  <a href="https://www.rust-lang.org/"><img src="https://img.shields.io/badge/Rust-1.75%2B-orange.svg" alt="Rust"></a>
  <img src="https://img.shields.io/badge/crate-0.1.0-green.svg" alt="Version">
  <a href="../../README.md"><img src="https://img.shields.io/badge/part%20of-AegisDB-teal.svg" alt="AegisDB"></a>
</p>

REST API server for the Aegis Database Platform.

## Overview

`aegis-server` provides the HTTP API layer built on Axum, featuring authentication, authorization, and endpoints for all database operations. It serves both the programmatic API and the web dashboard backend.

## Features

- **REST API** - Full CRUD operations for all data paradigms
- **Authentication** - Username/password, MFA, LDAP, OAuth2/OIDC
- **Authorization** - Role-based access control (RBAC)
- **Audit Logging** - Comprehensive activity tracking
- **Admin API** - Cluster management and monitoring

## Architecture

```
┌─────────────────────────────────────────────┐
│                HTTP Server                  │
│                  (Axum)                     │
├─────────────────────────────────────────────┤
│              Middleware Layer               │
│  ┌─────────┬──────────┬─────────────────┐  │
│  │  Auth   │  Logging │  Rate Limiting  │  │
│  └─────────┴──────────┴─────────────────┘  │
├─────────────────────────────────────────────┤
│               Route Handlers                │
│  ┌───────┬───────┬────────┬────────────┐   │
│  │ Query │  KV   │  Docs  │   Admin    │   │
│  └───────┴───────┴────────┴────────────┘   │
├─────────────────────────────────────────────┤
│            Application State                │
│         (Storage, Config, Auth)             │
└─────────────────────────────────────────────┘
```

## Modules

| Module | Description |
|--------|-------------|
| `router` | Route definitions and API structure |
| `handlers` | Request handlers for all endpoints |
| `auth` | Authentication providers (local, LDAP, OAuth2) |
| `middleware` | Auth, logging, CORS middleware |
| `admin` | Cluster administration endpoints |
| `activity` | Activity logging and audit trail |
| `state` | Shared application state |
| `config` | Server configuration |

## API Endpoints

### Core
| Method | Endpoint | Description |
|--------|----------|-------------|
| GET | `/health` | Health check |
| POST | `/api/v1/query` | Execute SQL query |
| GET | `/api/v1/tables` | List tables |

### Authentication
| Method | Endpoint | Description |
|--------|----------|-------------|
| POST | `/api/v1/auth/login` | User login |
| POST | `/api/v1/auth/mfa/verify` | Verify MFA code |
| POST | `/api/v1/auth/logout` | User logout |
| GET | `/api/v1/auth/session` | Validate session |
| GET | `/api/v1/auth/me` | Current user info |

### Key-Value Store
| Method | Endpoint | Description |
|--------|----------|-------------|
| GET | `/api/v1/kv/keys` | List keys |
| POST | `/api/v1/kv/keys` | Set key |
| DELETE | `/api/v1/kv/keys/:key` | Delete key |

### Documents
| Method | Endpoint | Description |
|--------|----------|-------------|
| GET | `/api/v1/documents/collections` | List collections |
| GET | `/api/v1/documents/collections/:name` | Get documents |

### Admin
| Method | Endpoint | Description |
|--------|----------|-------------|
| GET | `/api/v1/admin/cluster` | Cluster status |
| GET | `/api/v1/admin/nodes` | Node list |
| GET | `/api/v1/admin/stats` | Statistics |
| GET | `/api/v1/admin/alerts` | Active alerts |

## Usage

### Running the Server

```bash
# Using the CLI
aegis server start

# Or directly with cargo
cargo run -p aegis-server -- --port 9090

# With custom host
cargo run -p aegis-server -- --host 0.0.0.0 --port 9090
```

### Command-Line Options

```
aegis-server [OPTIONS]

Options:
  -H, --host <HOST>    Host to bind to [default: 127.0.0.1]
  -p, --port <PORT>    Port to listen on [default: 9090]
  -h, --help           Print help
```

### Configuration

```toml
[server]
host = "127.0.0.1"
port = 9090
max_connections = 1000
request_timeout = "30s"

[auth]
method = "local"           # local, ldap, oauth2
session_timeout = "30m"
mfa_required = false

[tls]
enabled = false
cert_file = "/etc/aegis/tls.crt"
key_file = "/etc/aegis/tls.key"
```

## Authentication

### Local Authentication
```bash
curl -X POST http://localhost:9090/api/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{"username": "demo", "password": "demo"}'
```

### Using the Token
```bash
curl http://localhost:9090/api/v1/admin/cluster \
  -H "Authorization: Bearer <token>"
```

## Tests

```bash
cargo test -p aegis-server
```

**Test count:** 38 tests + 23 E2E tests

## License

Apache-2.0