Portfolio project done as part of the ALX SE foundation programme.

The software, in the long term, is aimed at near total management of a hospital's activity ranging from patient consultation and nursing activities to pharmacy drug management.

Technologies used in this project includes:


  • Flask
  • Flask-Login
  • Flask-CORS
  • Flask-WTF
  • Flasgger
  • SQLAlchemy
  • MySQL


  • HTML
  • CSS
  • Svelte.js
  • etc.


  1. Writing object models: BaseModel, BaseUser, Staff, Doctor, Nurse, Pharmacist, RecordOfficer, Consultation, Prescription, NurseNote, Vital, Drugs.
  2. Database storage using ORM (sqlalchemy) and MySQL database backend
  3. HMIS Console: command line utility written in python to manipulate objects
  4. API using flask and flasgger
  5. Authentication backend with Flask-Login, with simple RBAC on top
  6. Front-end with HTML, CSS and Svelte.js
  7. Connect frontend to the backend
  8. Dockerize both frontend and backend
  9. Deployment pipline with fabric, nginx and gunicorn on AWS EC2 ubuntu 22.04 instance

The HMIS Console

Written with python's cmd module. Mainly for testing the models. Available commands are

  • help: list all commands and their usage
  • quit: exits the console
  • create <class> or <class>.create(): intantiates a new object of the passed class
  • all [class], <class>.all(): prints a list of all objects in storage or list of all object of type class
  • show <class> <id>, <class>.show(<id>): prints an object of a given class
  • destroy <class> <id>, <class>.destroy(<id>): deletes an obj of a given class
  • update <class> <id> <dict>, <class>.update(<id>, <dict>): updates the given object with values from dict
  • save: commits all changes made to the db


Written with flask and flasgger. Endpoints include

GET: return a json object with message ‘OK’ or ‘FAIL’

GET: return a breakdown of all objects

GET: returns a list of all patients in the facility
POST: creates a new patient object

GET: return the patient object with the given id
PUT: modify the specified patient object
DELETE: deletes the specified patient object

GET: returns a list of all consultations attend by a given patient
POST: create a new consultation for the given patient

GET: returns the specified consultation for the given patient
PUT: modify the specified consultation object, method to decay after 24 hours
DELETE: deletes the specified consultation object, method to decay after creating object

GET: returns a list of drugs prescribed in a given consultation
POST: create a new prescription for a consultation
PUT: modify the specified prescription object, method to decay after 24 hours
DELETE: deletes the specified prescription, method to decay after 24 hours

POST: add a new drug prescription to the prescription

PUT: modify the specified drug prescription object, to decay after 24 hours
DELETE: deletes the specified drug prescription object, to decay after 24 hours

GET: returns a list of all vital signs recorded for the given patient
POST: create a new vital sign object for the given patient

GET: returns the vital sign object with the given id
PUT: modify the vital sign object with the given id, decay after 24 hours
DELETE: delete vital sign with the given id for the given patient, decay after 24 hours

GET: return all nursenotes for a given patient
POST: create a new nursenote for a patient

GET: return a specific nurse note
PUT: update a nursenote

GET: returns a breakdown of staffs in the facility

GET: return specified objects and job title
PUT: modify the specified staff object
DELETE: deletes the specified staff object

GET: returns a list of all doctors in the facility
POST: creates a new doctor object

GET: returns a list of consultations for a given doctor in the facility

GET: returns a list of prescriptions for a given doctor in the facility

GET: Returns a list of all nurses in the facility
POST: creates a new nurse object

GET: Returns the list of vitals obtained by the specified nurse

GET: Returns a list of all pharmacists in the facility
POST: creates a new pharmacist object

GET: Returns the list of prescriptions dispensed by a pharmacist.

GET: Returns a list of all pharmacists in the facility
POST: creates a new recordofficer object

GET: return a list of all drugs in the pharmacy
POST: create a new drug object

GET: return the specified drug object
PUT: modify the given drug object

Auth Endpoints

The auth system uses session-based auth (may change in the future)

POST: login with username/email

GET: checks whether a user is authenticated

GET: get a csrf token for CSRF protection on the frontend

GET: logout the current user

