How do I build web APIs and services in Rust?
Walkthrough
Axum is an ergonomic web framework built on Tokio and Hyper, focusing on modularity and type-safe routing. It leverages Rust's type system to extract request data, handle errors, and compose handlers. Axum integrates seamlessly with the Tower ecosystem for middleware and service composition.
Core concepts:
- Handlers — async functions that process requests and return responses
- Extractors — types that extract data from requests (path, query, JSON, etc.)
- Routes — map HTTP methods and paths to handlers
- State — share application state across handlers using
Stateextractor - Middleware — layers that wrap requests/responses via Tower
Axum's compile-time guarantees catch routing and extraction errors before runtime.
Code Example
# Cargo.toml
[dependencies]
axum = "0.7"
tokio = { version = "1", features = ["full"] }
serde = { version = "1", features = ["derive"] }
serde_json = "1"use axum::{
extract::{Path, Query},
response::{IntoResponse, Json},
routing::{get, post},
Router,
};
use serde::{Deserialize, Serialize};
use std::collections::HashMap;
// ===== Response Types =====
#[derive(Debug, Serialize, Deserialize)]
struct User {
id: u32,
name: String,
email: String,
}
#[derive(Debug, Deserialize)]
struct CreateUser {
name: String,
email: String,
}
#[derive(Debug, Deserialize)]
struct Pagination {
#[serde(default = "default_page")]
page: u32,
#[serde(default = "default_limit")]
limit: u32,
}
fn default_page() -> u32 { 1 }
fn default_limit() -> u32 { 10 }
// ===== Handlers =====
async fn hello() -> &'static str {
"Hello, World!"
}
async fn json_response() -> Json<User> {
Json(User {
id: 1,
name: "Alice".to_string(),
email: "alice@example.com".to_string(),
})
}
async fn path_param(Path(id): Path<u32>) -> impl IntoResponse {
format!("User ID: {}", id)
}
async fn query_params(Query(params): Query<HashMap<String, String>>) -> impl IntoResponse {
format!("Query params: {:?}", params)
}
async fn pagination(Query(pagination): Query<Pagination>) -> impl IntoResponse {
format!("Page: {}, Limit: {}", pagination.page, pagination.limit)
}
async fn create_user(Json(payload): Json<CreateUser>) -> impl IntoResponse {
let user = User {
id: 42,
name: payload.name,
email: payload.email,
};
(axum::http::StatusCode::CREATED, Json(user))
}
#[tokio::main]
async fn main() {
let app = Router::new()
.route("/", get(hello))
.route("/user", get(json_response))
.route("/user/{id}", get(path_param))
.route("/search", get(query_params))
.route("/items", get(pagination))
.route("/user", post(create_user));
let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
println!("Server running on http://localhost:3000");
axum::serve(listener, app).await.unwrap();
}Shared State and CRUD Operations
use axum::{
extract::{Path, State},
http::StatusCode,
response::{IntoResponse, Json},
routing::{delete, get, post, put},
Router,
};
use serde::{Deserialize, Serialize};
use std::sync::Arc;
use tokio::sync::RwLock;
// ===== Domain Types =====
#[derive(Debug, Clone, Serialize, Deserialize)]
struct Todo {
id: u64,
title: String,
completed: bool,
}
#[derive(Debug, Deserialize)]
struct CreateTodo {
title: String,
}
#[derive(Debug, Deserialize)]
struct UpdateTodo {
title: Option<String>,
completed: Option<bool>,
}
// ===== Application State =====
type Db = Arc<RwLock<Vec<Todo>>>;
#[derive(Clone)]
struct AppState {
db: Db,
}
// ===== Handlers =====
async fn list_todos(State(state): State<AppState>) -> impl IntoResponse {
let todos = state.db.read().await;
Json(todos.clone())
}
async fn get_todo(
State(state): State<AppState>,
Path(id): Path<u64>,
) -> Result<impl IntoResponse, StatusCode> {
let todos = state.db.read().await;
let todo = todos.iter().find(|t| t.id == id).ok_or(StatusCode::NOT_FOUND)?;
Ok(Json(todo.clone()))
}
async fn create_todo(
State(state): State<AppState>,
Json(payload): Json<CreateTodo>,
) -> impl IntoResponse {
let mut todos = state.db.write().await;
let id = todos.len() as u64 + 1;
let todo = Todo {
id,
title: payload.title,
completed: false,
};
todos.push(todo.clone());
(StatusCode::CREATED, Json(todo))
}
async fn update_todo(
State(state): State<AppState>,
Path(id): Path<u64>,
Json(payload): Json<UpdateTodo>,
) -> Result<impl IntoResponse, StatusCode> {
let mut todos = state.db.write().await;
let todo = todos.iter_mut().find(|t| t.id == id).ok_or(StatusCode::NOT_FOUND)?;
if let Some(title) = payload.title {
todo.title = title;
}
if let Some(completed) = payload.completed {
todo.completed = completed;
}
Ok(Json(todo.clone()))
}
async fn delete_todo(
State(state): State<AppState>,
Path(id): Path<u64>,
) -> impl IntoResponse {
let mut todos = state.db.write().await;
let len_before = todos.len();
todos.retain(|t| t.id != id);
if todos.len() < len_before {
StatusCode::NO_CONTENT
} else {
StatusCode::NOT_FOUND
}
}
#[tokio::main]
async fn main() {
let state = AppState {
db: Arc::new(RwLock::new(Vec::new())),
};
let app = Router::new()
.route("/todos", get(list_todos).post(create_todo))
.route("/todos/{id}", get(get_todo).put(update_todo).delete(delete_todo))
.with_state(state);
let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
println!("Server running on http://localhost:3000");
axum::serve(listener, app).await.unwrap();
}Error Handling
use axum::{
extract::State,
http::StatusCode,
response::{IntoResponse, Json, Response},
routing::get,
Router,
};
use serde_json::json;
use std::sync::Arc;
// ===== Error Types =====
#[derive(Debug)]
enum ApiError {
NotFound(String),
ValidationError(String),
InternalError(String),
}
impl IntoResponse for ApiError {
fn into_response(self) -> Response {
let (status, message) = match self {
ApiError::NotFound(msg) => (StatusCode::NOT_FOUND, msg),
ApiError::ValidationError(msg) => (StatusCode::BAD_REQUEST, msg),
ApiError::InternalError(msg) => (StatusCode::INTERNAL_SERVER_ERROR, msg),
};
let body = Json(json!({
"error": message,
}));
(status, body).into_response()
}
}
// ===== Result Wrapper =====
type ApiResult<T> = Result<T, ApiError>;
// ===== Handlers with Error Handling =====
async fn get_user(Path(id): Path<u32>) -> ApiResult<impl IntoResponse> {
if id == 0 {
return Err(ApiError::ValidationError("Invalid user ID".to_string()));
}
if id > 100 {
return Err(ApiError::NotFound(format!("User {} not found", id)));
}
Ok(Json(json!({
"id": id,
"name": format!("User {}", id),
})))
}
use axum::extract::Path;
// ===== Fallback Handler =====
async fn fallback() -> impl IntoResponse {
(
StatusCode::NOT_FOUND,
Json(json!({ "error": "Route not found" })),
)
}
#[tokio::main]
async fn main() {
let app = Router::new()
.route("/user/{id}", get(get_user))
.fallback(fallback);
let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
println!("Server running on http://localhost:3000");
axum::serve(listener, app).await.unwrap();
}Middleware and Request Extensions
use axum::{
body::Body,
extract::Request,
http::{header, StatusCode},
middleware::{self, Next},
response::{IntoResponse, Response},
routing::get,
Router,
};
use serde_json::json;
// ===== Timing Middleware =====
async fn timing_middleware(
request: Request,
next: Next,
) -> Response {
let start = std::time::Instant::now();
let response = next.run(request).await;
let elapsed = start.elapsed();
println!("Request took {:?}", elapsed);
response
}
// ===== Auth Middleware =====
async fn auth_middleware(
request: Request,
next: Next,
) -> Result<Response, StatusCode> {
let auth_header = request
.headers()
.get(header::AUTHORIZATION)
.and_then(|h| h.to_str().ok());
match auth_header {
Some(token) if token == "Bearer secret-token" => {
Ok(next.run(request).await)
}
_ => Err(StatusCode::UNAUTHORIZED),
}
}
// ===== Handlers =====
async fn public() -> impl IntoResponse {
"Public endpoint"
}
async fn protected() -> impl IntoResponse {
"Protected endpoint - you're authenticated!"
}
#[tokio::main]
async fn main() {
let protected_routes = Router::new()
.route("/dashboard", get(protected))
.route_layer(middleware::from_fn(auth_middleware));
let app = Router::new()
.route("/", get(public))
.merge(protected_routes)
.layer(middleware::from_fn(timing_middleware));
let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
println!("Server running on http://localhost:3000");
axum::serve(listener, app).await.unwrap();
}Multiple Extractors and Nested Routers
use axum::{
extract::{ConnectInfo, OriginalUri, State},
http::{Method, Uri},
response::IntoResponse,
routing::get,
Router,
};
use std::net::SocketAddr;
#[derive(Clone)]
struct ApiContext {
version: String,
}
async fn debug_info(
method: Method,
uri: Uri,
ConnectInfo(addr): ConnectInfo<SocketAddr>,
State(ctx): State<ApiContext>,
) -> impl IntoResponse {
format!(
"Method: {}\nURI: {}\nClient: {}\nAPI Version: {}",
method, uri, addr, ctx.version
)
}
// Nested router for API v1
fn api_v1() -> Router<ApiContext> {
Router::new()
.route("/users", get(|| async { "v1 users" }))
.route("/items", get(|| async { "v1 items" }))
}
// Nested router for API v2
fn api_v2() -> Router<ApiContext> {
Router::new()
.route("/users", get(|| async { "v2 users" }))
.route("/items", get(|| async { "v2 items" }))
}
#[tokio::main]
async fn main() {
let ctx = ApiContext {
version: "1.0.0".to_string(),
};
let app = Router::new()
.route("/debug", get(debug_info))
.nest("/api/v1", api_v1())
.nest("/api/v2", api_v2())
.with_state(ctx);
let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
let listener = tokio::net::TcpListener::bind(addr).await.unwrap();
println!("Server running on http://{}", addr);
axum::serve(listener, app).await.unwrap();
}Static Files and CORS
use axum::{
http::{header, Method},
routing::get,
Router,
};
use tower_http::{
cors::{Any, CorsLayer},
services::ServeDir,
};
#[tokio::main]
async fn main() {
let cors = CorsLayer::new()
.allow_origin(Any)
.allow_methods([Method::GET, Method::POST, Method::PUT, Method::DELETE])
.allow_headers([header::CONTENT_TYPE, header::AUTHORIZATION]);
let app = Router::new()
.route("/api/hello", get(|| async { "Hello from API" }))
.nest_service("/static", ServeDir::new("./static"))
.layer(cors);
let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
println!("Server running on http://localhost:3000");
axum::serve(listener, app).await.unwrap();
}Summary
- Define handlers as async functions; Axum calls them with extracted parameters
- Extractors like
Path,Query,Json, andStatedeclaratively parse request data - Return
(StatusCode, impl IntoResponse)tuples for full control over status and headers - Use
Router::new().route(path, method(handler))to define routes - Share state with
.with_state(state)and extract it withState(state): State<AppState> - Group routes with
.nest("/prefix", router)for modular API design - Add middleware with
.layer()or.route_layer()for per-route middleware - Implement
IntoResponsefor custom error types to unify error handling - Use
axum::extract::Requestfor raw access to the entire HTTP request fallback()handler catches unmatched routes- Tower middleware (like
tower-http::cors) integrates seamlessly via.layer() - Serve static files with
ServeDirfromtower-http - Run with
axum::serve(listener, app).awaitfor a production-ready server