Features

Every feature in Cello is implemented in Rust for maximum performance. From radix-tree routing to SIMD JSON parsing, Cello delivers C-level speed with a Python-native developer experience. Explore the full feature set below.

---

Feature Overview

mindmap
  root((Cello Framework))
    Core
      Routing
      Requests
      Responses
      Blueprints
      Async
      SIMD JSON
    Middleware
      CORS
      Compression
      Logging
      Rate Limiting
      Caching
      Circuit Breaker
    Security
      JWT Auth
      RBAC Guards
      Sessions
      CSRF
      Security Headers
      API Keys
    Real-time
      WebSocket
      SSE
    Advanced
      Dependency Injection
      Background Tasks
      Templates
      Static Files
      DTOs
      OpenAPI
    Enterprise
      Database Pooling
      Redis
      GraphQL
      gRPC
      Message Queues
    Patterns
      Event Sourcing
      CQRS
      Saga

---

Feature Categories

• Core

  ---

  The foundation of every Cello application -- high-performance routing, request/response handling, and async-first design.

  • Radix-tree routing (~100ns lookup)
  • Lazy body parsing & headers
  • JSON, HTML, streaming responses
  • Flask-like blueprints
  • Sync & async handlers
  • SIMD-accelerated JSON

  Explore Core

  v0.1.0

• Middleware

  ---

  A rich middleware suite built entirely in Rust with zero-allocation processing and composable pipelines.

  • CORS handling
  • Gzip compression
  • Structured logging
  • Token bucket & sliding window rate limiting
  • Smart caching with TTL
  • Circuit breaker fault tolerance

  Explore Middleware

  v0.2.0 - v0.6.0

• Security

  ---

  Enterprise-grade security with constant-time operations and defense-in-depth architecture.

  • JWT, Basic & API Key auth
  • RBAC guards with composable roles
  • Secure cookie sessions
  • CSRF double-submit protection
  • CSP, HSTS, X-Frame-Options
  • Constant-time token comparison

  Explore Security

  v0.4.0 - v0.5.0

• Real-time

  ---

  Bidirectional and server-push communication powered by Tokio's async runtime.

  • WebSocket with message framing
  • Server-Sent Events streaming
  • Multi-client broadcasting
  • Connection health monitoring

  Explore Real-time

  v0.3.0

• Advanced

  ---

  Power features for complex applications -- from dependency injection to auto-generated API documentation.

  • FastAPI-style dependency injection
  • Post-response background tasks
  • Jinja2-compatible templates
  • Efficient static file serving
  • Multipart file uploads
  • DTO validation & OpenAPI/Swagger

  Explore Advanced

  v0.3.0 - v0.6.0

• Enterprise

  ---

  Production-grade integrations for databases, caches, message queues, and multi-protocol APIs.

  • Async connection pooling with health checks
  • Redis with Pub/Sub & cluster support
  • GraphQL queries, mutations & subscriptions
  • gRPC with streaming support
  • Kafka, RabbitMQ & SQS adapters

  Explore Enterprise

  v0.8.0 - v0.9.0

• Advanced Patterns

  ---

  Battle-tested architectural patterns for building resilient distributed systems.

  • Event Sourcing with aggregate roots & snapshots
  • CQRS command/query separation
  • Saga pattern for distributed transactions
  • Event replay & compensation logic

  Explore Patterns

  v0.10.0

---

Feature Comparison

How does Cello stack up against popular Python web frameworks?

Feature	🎵 Cello	FastAPI	Flask	Django
Rust-powered hot path
SIMD JSON parsing
Radix-tree routing
Async support			1	2
Dependency injection
Auto OpenAPI docs				3
WebSocket
Built-in JWT auth
RBAC guards
Rate limiting
Circuit breaker
HTTP/2 & HTTP/3
Cluster mode
GraphQL
gRPC

---

Quick Feature Tour

Routing & DI JWT Authentication Real-time WebSocket Rate Limiting Database & Redis

Routing with dependency injection

from cello import App, Depends

app = App()

def get_db():
    return Database()

@app.get("/users/{user_id}/posts/{post_id}")
def get_post(request, db=Depends(get_db)):
    return {
        "user_id": request.params["user_id"],
        "post_id": request.params["post_id"],
        "posts": db.get_posts(request.params["user_id"])
    }

JWT auth with protected routes

from cello import App
from cello.middleware import JwtConfig, JwtAuth

app = App()
jwt_config = JwtConfig(secret=b"your-secret-key-min-32-bytes-long")
app.use(JwtAuth(jwt_config))

@app.get("/protected")
def protected(request):
    claims = request.context.get("jwt_claims")
    return {"user": claims["sub"], "role": claims.get("role")}

WebSocket chat with broadcasting

from cello import App

app = App()
clients = set()

@app.websocket("/ws/chat")
def chat(ws):
    clients.add(ws)
    ws.send_text("Welcome!")
    try:
        while True:
            msg = ws.recv()
            if msg is None:
                break
            for client in clients:
                if client != ws:
                    client.send_text(f"User: {msg.text}")
    finally:
        clients.discard(ws)

Adaptive rate limiting

from cello import App
from cello.middleware import AdaptiveRateLimitConfig

app = App()

# Adaptive: backs off under load
app.enable_rate_limit(AdaptiveRateLimitConfig(
    base_requests=1000,
    window=60,
    cpu_threshold=0.8,
    memory_threshold=0.9,
    min_requests=100
))

Async database and Redis

from cello import App
from cello.enterprise import Database, Redis

app = App()
db = Database("postgresql://localhost/mydb", pool_size=20)
cache = Redis("redis://localhost:6379")

@app.get("/users/{id}")
async def get_user(request):
    user_id = request.params["id"]
    cached = await cache.get(f"user:{user_id}")
    if cached:
        return cached
    user = await db.fetch_one("SELECT * FROM users WHERE id = $1", user_id)
    await cache.set(f"user:{user_id}", user, ttl=300)
    return user

---

Performance Characteristics

All features are optimized at the Rust level for minimal overhead:

Feature	Overhead	Implementation
Routing	~100ns	Radix tree lookup via matchit
JSON Parsing	~1us/KB	SIMD acceleration via simd-json
JWT Validation	~50us	Constant-time comparison via subtle
Rate Limiting	~100ns	Lock-free counters via DashMap
Compression	~1us/KB	Native gzip in Rust
Middleware Chain	~1us	Zero-allocation pipeline
Session Lookup	~200ns	In-memory with DashMap

---

Version History

v0.1.0 -- Foundation

Routing | Request handling | Response types | SIMD JSON | Async support

v0.2.0 -- Middleware Engine

CORS | Compression | Logging | Blueprints

v0.3.0 -- Real-time & Uploads

WebSocket | SSE | Multipart uploads

v0.4.0 -- Security & Scale

JWT/Basic/API Key auth | Rate limiting | Sessions | Security headers | Cluster mode | TLS/SSL | HTTP/2 & HTTP/3

v0.5.0 -- Developer Experience

Dependency injection | RBAC guards | Prometheus metrics | OpenAPI/Swagger | Background tasks | Templates

v0.6.0 -- Smart Middleware

Smart caching with TTL | Adaptive rate limiting | DTO validation | Circuit breaker

v0.8.0 -- Data Layer

Async database pooling | Redis integration | :material-swap-vert: Transaction management

v0.9.0 -- API Protocols

GraphQL | gRPC | Kafka, RabbitMQ & SQS

v0.10.0 -- Advanced Patterns

Event Sourcing | CQRS | Saga pattern

---

Next Steps

• Core Features

  ---

  Start with routing, requests, and responses

  Core

• Middleware

  ---

  Add CORS, compression, rate limiting and more

  Middleware

• Security

  ---

  Secure your app with JWT, guards, and headers

  Security

• Real-time

  ---

  Build with WebSocket and Server-Sent Events

  Real-time

• Advanced

  ---

  Dependency injection, tasks, templates and DTOs

  Advanced

• Enterprise

  ---

  Database, Redis, GraphQL, gRPC, and more

  Enterprise

---

1. Flask async support requires version 2.0+ with additional setup. ↩

2. Django async views require version 3.1+ and ASGI deployment. ↩

3. Django REST Framework provides OpenAPI via third-party packages. ↩