# {{name}}
A `rustio-admin` project. Generated by `rustio new {{name}}`.
The wizard already wrote `.env` with a working local `DATABASE_URL`
and pre-filled your project name into the admin chrome. The
sections below pick up where the wizard's Next Steps left off.
## 1. First run
```sh
# 1. Create the database (only step the wizard cannot do for you).
createdb {{name}}_dev
# 2. Apply framework migrations and create your first admin.
rustio migrate apply
rustio user create --email admin@{{name}}.local --role administrator
# The CLI prompts twice for the password (echo-suppressed).
# Pass --password '...' only inside CI / scripted bootstrap.
# 3. Boot the project.
cargo run
```
Two URLs on first boot:
- <http://127.0.0.1:8000/> -- first-boot homepage. Replaceable:
edit `templates/home.html` (the three `--brand` / `--text` /
`--muted` CSS custom properties at the top are the obvious
customisation seam).
- <http://127.0.0.1:8000/admin> -- admin panel. Sign in with the
account from step 2.
> **Port already in use?** `src/main.rs` binds to `127.0.0.1:8000`.
> Change the literal in the `let addr = ...` line and re-run.
## 2. First model
The default scaffold ships with no domain models -- the admin panel
is ready, the homepage is alive, and you decide what the first
model represents.
```sh
rustio startapp <name> # e.g. `patient`, `student`, `item`
```
The CLI prints the exact `mod` / `use` / `.model::<>()` lines to
paste into `src/main.rs`. After that:
```sh
rustio migrate apply
cargo run
```
The `/admin/<names>` pages light up. Migrations are append-only
by contract -- once a file has run on any real database, treat it
as frozen and write a new numerically-prefixed file to move the
schema forward.
## 3. Admin usage
After signing in:
- `/admin` -- dashboard with per-model creation sparklines.
- `/admin/<model>` -- list / detail / create / edit pages.
- `/admin/history` -- typed audit trail, filterable by actor.
- `/admin/account/sessions` -- active sessions per user.
- `/admin/account/mfa/enroll` -- TOTP enrolment.
- `/admin/docs` -- framework docs, served locally.
- `/admin/health` -- live health view (web counterpart to
`rustio doctor`).
Session-backed authentication uses Argon2id passwords; cookies
carry random tokens and the database stores SHA-256 hashes only.
Per-model permissions sit on a five-tier role ladder
(User · Staff · Supervisor · Administrator · Developer).
## 4. Common commands
```sh
rustio doctor # health check
rustio migrate status # what's applied / pending
rustio user list # show accounts
rustio user role --email <e> administrator # promote a user
rustio group create --name editors # create a group
rustio perm grant-group --group editors --perm posts.add_post
```
## 5. Advanced topics
Production-grade surfaces ship with the framework and are worth
reading **before** you take a project to staging -- not on day one.
- **Multi-factor authentication (R3).** TOTP enrolment at
`/admin/account/mfa/enroll`. Backup codes printed once at
enrolment. AES-256-GCM-encrypted secrets via `RUSTIO_SECRET_KEY`
(generate with `openssl rand 32 | base64 | tr '+/' '-_' | tr -d '='`).
Make MFA mandatory by chaining
`.require_mfa(rustio_admin::auth::MfaPolicy::Required)` onto
`Admin::new()`.
- **Emergency recovery (R4 CLI).** When in-band recovery is closed
(password lost + MFA device lost + no other admin available), the
operator with shell + DB access runs `rustio user reset-password
/ unlock / disable-mfa / promote / emergency-access` from this
README's parent directory. Every command renders a red banner
before mutating and writes one
`action_type = "emergency_recovery"` audit row.
- **Custom routes.** Mount your own handlers on `Router` BEFORE
`register_admin_routes` so the framework's `/admin/*` wildcards
don't shadow them. CSRF + correlation_id middleware applies
automatically.
- **Template overrides.** `rustio override admin/<name>.html`
copies a framework template to `./templates/admin/<name>.html`
so you can edit it; pair with `RUSTIO_TEMPLATE_DIR=templates` at
runtime to make the override take effect.
See the framework's own
[`docs/getting-started.md`](https://github.com/abdulwahed-sweden/rustio-admin/blob/main/docs/getting-started.md)
and the
[`ModelAdmin` reference](https://github.com/abdulwahed-sweden/rustio-admin/blob/main/docs/modeladmin.md)
when you need more.
## Project layout
| Path | Purpose |
|---|---|
| `src/main.rs` | Boots the admin: connects to Postgres, applies migrations, registers models, mounts `/admin/*`, serves the homepage at `/`. |
| `templates/home.html` | First-boot homepage. Three CSS custom properties at the top control the surface colours. |
| `migrations/` | Numerically prefixed `*.sql` files. `rustio migrate apply` runs every pending one transactionally. `rustio startapp <name>` adds the first one. |
| `templates/admin/*.html` (optional) | Project-side overrides of any framework template. Set `RUSTIO_TEMPLATE_DIR=templates` to enable. |