torch-web 0.2.0

Fast, secure web framework for Rust with production-ready features out of the box
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167

# Torch Framework Configuration File
# This file contains all configurable settings for your Torch application
# Copy this file to your project root and customize as needed

[server]
# Server host and port configuration
host = "127.0.0.1"
port = 3000

# Connection and performance settings
max_connections = 10000
request_timeout_secs = 30
keep_alive_timeout_secs = 60
max_body_size = 16777216  # 16MB in bytes
worker_threads = 4  # Set to null for auto-detection
enable_http2 = true

# TLS/SSL configuration
enable_tls = false
tls_cert_path = "/path/to/cert.pem"  # Optional
tls_key_path = "/path/to/key.pem"   # Optional

# Graceful shutdown
graceful_shutdown_timeout_secs = 30

[security]
# CORS configuration
enable_cors = true
cors_allowed_origins = ["*"]
cors_allowed_methods = ["GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH"]
cors_allowed_headers = ["Content-Type", "Authorization", "X-Requested-With", "X-API-Key"]

# Security headers
enable_security_headers = true
content_security_policy = "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' https:; connect-src 'self'; frame-ancestors 'none';"

# Request signing (for API security)
enable_request_signing = false
signing_secret = "your-secret-key-here"  # Change this in production!

# IP whitelisting
enable_ip_whitelist = false
ip_whitelist = ["192.168.1.0/24", "10.0.0.0/8"]

# Request tracking and validation
enable_request_id = true
max_request_size = 16777216  # 16MB
enable_input_validation = true
enable_sql_injection_protection = true
enable_xss_protection = true

[monitoring]
# Logging configuration
enable_request_logging = true
log_level = "info"  # error, warn, info, debug, trace
log_format = "json"  # json, text
log_file = "/var/log/torch/app.log"  # Set to null for stdout

# Metrics and monitoring
enable_metrics = true
metrics_endpoint = "/metrics"
enable_health_check = true
health_check_endpoint = "/health"

# Performance monitoring
enable_performance_monitoring = true
slow_request_threshold_ms = 1000

# Error tracking
enable_error_tracking = true
error_tracking_url = "https://your-error-tracking-service.com/api"

# Distributed tracing
enable_distributed_tracing = false
tracing_endpoint = "http://jaeger:14268/api/traces"

[performance]
# Response optimization
enable_compression = true
compression_level = 6  # 1-9, higher = better compression but slower

# Caching
enable_caching = true
cache_ttl_secs = 300  # 5 minutes
max_cache_size_mb = 100

# Connection pooling
enable_connection_pooling = true
connection_pool_size = 100
connection_pool_timeout_secs = 30

# Keep-alive settings
enable_keep_alive = true
keep_alive_timeout_secs = 60

[rate_limiting]
# Rate limiting configuration
enable_rate_limiting = true
global_rps_limit = 10000      # Global requests per second
per_ip_rps_limit = 100        # Per IP requests per second
per_user_rps_limit = 1000     # Per authenticated user requests per second
window_secs = 60              # Rate limiting window

# Burst handling
enable_burst = true
burst_size = 10

# Storage backend for rate limiting
storage_backend = "memory"    # memory, redis
redis_url = "redis://localhost:6379"  # For distributed rate limiting

[database]
# Database configuration (optional)
url = "postgresql://user:password@localhost:5432/myapp"
max_connections = 32
min_connections = 5
connect_timeout_secs = 30
query_timeout_secs = 60
enable_pooling = true
enable_query_logging = false
enable_migrations = true
migrations_dir = "migrations"

# Custom application settings
# Add your own configuration keys here
[custom]
app_name = "My Torch Application"
version = "1.0.0"
environment = "development"  # development, staging, production
debug_mode = true
api_version = "v1"
default_page_size = 20
max_page_size = 100

# Feature flags
[custom.features]
enable_user_registration = true
enable_email_verification = true
enable_two_factor_auth = false
enable_social_login = true
enable_file_uploads = true
max_file_size_mb = 10

# External service URLs
[custom.services]
email_service_url = "https://api.sendgrid.com"
payment_service_url = "https://api.stripe.com"
storage_service_url = "https://s3.amazonaws.com"
notification_service_url = "https://api.pusher.com"

# API keys and secrets (use environment variables in production!)
[custom.secrets]
jwt_secret = "your-jwt-secret-here"
encryption_key = "your-encryption-key-here"
api_key = "your-api-key-here"
webhook_secret = "your-webhook-secret-here"

# Production deployment settings
[custom.deployment]
cluster_name = "torch-cluster"
namespace = "default"
replica_count = 3
auto_scaling_enabled = true
min_replicas = 2
max_replicas = 10
cpu_threshold = 70
memory_threshold = 80