Why Did I Build This?
"Writing repetitive CRUD endpoints and DTO boilerplate for every new backend project is a massive time sink. I built this library to eliminate that friction: define your SQLite tables, and the engine instantly spins up a secure REST API along with a built-in HTTP client. It is designed as a drop-in solution for rapid prototyping and embedded backend architectures."
Architecture & Decisions
The library is engineered on top of Axum and Tokio. The core database state is wrapped in an `Arc<Mutex<Connection>>` to ensure thread-safe sharing across asynchronous route handlers. The server engine (`EasyDB`) dynamically injects endpoints into the Axum router by iterating over exposed tables at initialization. While network I/O is fully asynchronous, the inherently synchronous SQLite disk operations are managed via a strict locking mechanism. The bundled `EasyClient` utilizes `reqwest` under the hood, perfectly mapped to consume the generated API out-of-the-box.
Key Features
- 01.Zero-boilerplate REST API generation via dynamic endpoint injection
- 02.Bundled asynchronous `EasyClient` module ready to consume the generated API natively
- 03.Strict identifier sanitization layer actively preventing column/table name injection attacks
- 04.Dynamic parameterized queries ensuring absolute immunity to standard SQL Injection vectors
- 05.Autonomous URL-based filtering and sorting engine (e.g., `?_sort=age&_order=desc`)
The most critical engineering decision in this library was securing the dynamic SQL generation. Standard prepared statements (`?`) do not protect against malicious table or column names (identifier injection). To counter this, I implemented a strict validation boundary (`is_valid_identifier`) that aggressively sanitizes all incoming keys through an ASCII/Alphanumeric filter before they ever touch the query string. Distributing this on crates.io makes it a highly portable, production-ready micro-tool for any Rust developer looking to bypass backend boilerplate.