Db desing and models creations#1
Conversation
…a with users, workspaces, projects, tasks, and relationships
…ppState to include it
… name and environment configuration
…d registration forms, improved styling, and added endpoints table
…e connection function, and add DTOs module
… subscriber initialization, and implement TraceLayer for HTTP request logging
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (29)
📝 WalkthroughSummary by CodeRabbitRelease Notes
WalkthroughThis PR establishes the Sprintly API project foundation, introducing environment-based configuration with tracing/logging, a comprehensive database schema with migrations, static frontend pages for authentication, new API endpoints, and development tooling including GitHub Actions workflows and Makefile targets. Changes
Poem
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes ✨ Finishing Touches
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull request overview
This PR introduces a new Postgres schema/migration for Sprintly, adds environment-based configuration to application state, and wires up basic routing including static file serving plus an auth “check” endpoint.
Changes:
- Add initial database schema migration (users/workspaces/projects/tasks/comments + lookup/join tables).
- Introduce
EnvConfigand expandAppState, updating DB connection + health/auth handlers accordingly. - Add API v1 route composition and static asset serving from
public/(new landing/login/register pages).
Reviewed changes
Copilot reviewed 29 out of 30 changed files in this pull request and generated 10 comments.
Show a summary per file
| File | Description |
|---|---|
| src/utils/mod.rs | Adds utils module placeholder. |
| src/services/mod.rs | Adds services module placeholder. |
| src/routes/mod.rs | Composes routes, nests /api/v1, adds static file fallback. |
| src/routes/auth_routes.rs | Adds /api/v1/auth/check route group. |
| src/models/mod.rs | Adds models module placeholder. |
| src/middleware/mod.rs | Adds middleware module placeholder. |
| src/main.rs | Adds tracing, loads EnvConfig, updates DB connection + state, installs TraceLayer. |
| src/dtos/mod.rs | Adds dtos module placeholder. |
| src/db/mod.rs | Makes DB connection accept a database_url parameter. |
| src/controllers/root_controller.rs | Updates health check to use state and adds tracing log. |
| src/controllers/mod.rs | Registers new auth controller module. |
| src/controllers/auth_controller.rs | Adds auth check handler. |
| src/config/mod.rs | Expands AppState to include app_name and env_config. |
| src/config/env.rs | Adds environment configuration loader (DATABASE_URL, PORT). |
| public/table.js | Adds dynamic endpoint table for landing page. |
| public/styles.css | Adds styling for landing/login/register pages. |
| public/register.html | Adds registration UI that calls auth endpoints. |
| public/login.html | Adds login UI that calls auth endpoints. |
| public/index.html | Adds landing page UI. |
| migrations/20260311154909_init_sprintly_schema.sql | Adds full Sprintly schema + uuid extension. |
| migrations/20260311153049_init_schema.sql | Removes earlier placeholder migration. |
| makefile | Adds basic dev commands (run/build/test/clean). |
| README.md | Adds an ASCII relationship diagram. |
| Cargo.toml | Enables tower-http fs support and tracing-subscriber fmt. |
| Cargo.lock | Updates lockfile for new deps (ServeDir-related crates). |
| API.http | Adds auth check request. |
| .vscode/settings.json | Adds ossp to cSpell dictionary. |
| .github/workflows/lint-and-format.yml | Adds CI job for fmt + clippy. |
| .github/copilot-instructions.md | Adds repository Copilot guidance doc. |
| .env | Adds comments + RUST_LOG default. |
You can also share your feedback on Copilot code review. Take the survey.
| const response = await fetch('/api/v1/auth/register', { | ||
| method: 'POST', | ||
| headers: { | ||
| 'Content-Type': 'application/json', | ||
| }, | ||
| body: JSON.stringify({ email, password }), |
There was a problem hiding this comment.
This page submits to /api/v1/auth/register, but that route is not implemented in src/routes in this PR (only GET /api/v1/auth/check). This will always 404; either add the backend route or change the frontend action to match available endpoints.
| const response = await fetch('/api/v1/auth/register', { | |
| method: 'POST', | |
| headers: { | |
| 'Content-Type': 'application/json', | |
| }, | |
| body: JSON.stringify({ email, password }), | |
| const response = await fetch('/api/v1/auth/check', { | |
| method: 'GET', |
| const response = await fetch('/api/v1/auth/login', { | ||
| method: 'POST', | ||
| headers: { | ||
| 'Content-Type': 'application/json', | ||
| }, | ||
| body: JSON.stringify({ email, password }), | ||
| }); | ||
|
|
There was a problem hiding this comment.
This page submits to /api/v1/auth/login, but that route is not implemented in src/routes in this PR (only GET /api/v1/auth/check). This will always 404; either add the backend route or change the frontend action to match available endpoints.
| const response = await fetch('/api/v1/auth/login', { | |
| method: 'POST', | |
| headers: { | |
| 'Content-Type': 'application/json', | |
| }, | |
| body: JSON.stringify({ email, password }), | |
| }); | |
| const response = await fetch('/api/v1/auth/check', { | |
| method: 'GET', | |
| headers: { | |
| 'Content-Type': 'application/json', | |
| }, | |
| }); |
| use crate::config::env::EnvConfig; | ||
|
|
||
| #[derive(Clone)] | ||
| #[allow(dead_code)] |
There was a problem hiding this comment.
#[allow(dead_code)] on AppState suppresses warnings for unused fields; since app_name and env_config are already used by controllers in this PR, consider removing this to keep warnings meaningful.
| #[allow(dead_code)] |
| endpoint: '/api/v1/auth/login', | ||
| method: 'POST', | ||
| description: 'Login with email and password', | ||
| status: 'active', |
There was a problem hiding this comment.
/api/v1/auth/login is listed as an active endpoint, but no matching backend route exists in src/routes in this PR (only /api/v1/auth/check). Update this list or implement the route to avoid misleading documentation.
| status: 'active', | |
| status: 'inactive', |
| @@ -1,22 +1,33 @@ | |||
| use axum::{Router, routing::get}; | |||
| // use sqlx::PgPool; | |||
| use tower_http::services::fs::ServeDir; | |||
There was a problem hiding this comment.
ServeDir is imported from tower_http::services::fs::ServeDir, but in tower-http 0.6 the type is tower_http::services::ServeDir (no fs module). This will not compile; update the import path accordingly.
| use tower_http::services::fs::ServeDir; | |
| use tower_http::services::ServeDir; |
| .make_span_with(DefaultMakeSpan::new().include_headers(true)) | ||
| .on_response(DefaultOnResponse::new().include_headers(true)); |
There was a problem hiding this comment.
TraceLayer is configured with .include_headers(true) for both spans and responses. This will log request/response headers (including Authorization, cookies, etc.) and can leak sensitive data; default to include_headers(false) or explicitly filter/redact sensitive headers.
| .make_span_with(DefaultMakeSpan::new().include_headers(true)) | |
| .on_response(DefaultOnResponse::new().include_headers(true)); | |
| .make_span_with(DefaultMakeSpan::new().include_headers(false)) | |
| .on_response(DefaultOnResponse::new().include_headers(false)); |
| defaults: | ||
| run: | ||
| working-directory: ./src | ||
|
|
There was a problem hiding this comment.
GitHub Actions job sets working-directory: ./src, but Cargo.toml is at the repo root. Running cargo fmt / cargo clippy from ./src will fail; run from the repository root (or add a workspace/Cargo.toml under src).
| endpoint: '/api/v1/auth/register', | ||
| method: 'POST', | ||
| description: 'Register a new user account', |
There was a problem hiding this comment.
/api/v1/auth/register is listed as an active endpoint, but no matching backend route exists in src/routes in this PR (only /api/v1/auth/check). Update this list or implement the route to avoid misleading documentation.
| endpoint: '/api/v1/auth/register', | |
| method: 'POST', | |
| description: 'Register a new user account', | |
| endpoint: '/api/v1/auth/check', | |
| method: 'POST', | |
| description: 'Check authentication status', |
| use std::env; | ||
|
|
||
| #[derive(Debug, Clone)] | ||
| #[allow(dead_code)] |
There was a problem hiding this comment.
#[allow(dead_code)] on EnvConfig hides warnings for unused fields. Since this struct is used to configure DB and server port, consider removing the attribute to avoid masking future unused/typo fields.
| #[allow(dead_code)] |
| endpoint: '/api/v1/auth/google', | ||
| method: 'GET', | ||
| description: 'Login with Google OAuth', | ||
| status: 'active', |
There was a problem hiding this comment.
/api/v1/auth/google is listed as an active endpoint, but no matching backend route exists in src/routes in this PR. Update this list or implement the route to avoid misleading documentation.
| status: 'active', | |
| status: 'inactive', |
No description provided.