This API provides a RESTful interface for managing patients and their diagnoses in a medical clinic. It includes endpoints for user registration, login, CRUD operations on patients, and CRUD operations on diagnoses. The API is built using Flask and implements JWT-based authentication to protect sensitive data.
Before running the API, you will need to install the following dependencies:
- Python 3.8 or higher
- Flask
- Flask-JWT-Extended
- Flask-Cors
- PyJWT
You can install these dependencies using pip:
pip install flask flask-jwt-extended flask-cors pyjwt
The API uses a SQLite database to store patient and diagnosis data. The database schema is defined in the db.py file. To create the database tables, run the following command:
python db.py create_tables
To run the API, simply run the following command:
python app.py
The API will start running on port 5000.
The API provides the following endpoints:
POST /register
This endpoint allows users to register for an account. The request body should include the following JSON data:
{
  "username": "string",
  "password": "string",
  "email": "string"
}
POST /login
This endpoint allows users to log in to their account. The request body should include the following JSON data:
{
  "email": "string",
  "password": "string"
}
GET /patients/<int:patient_id>
This endpoint retrieves a patient's information based on their patient ID.
POST /patients/new
This endpoint adds a new patient to the database. The request body should include the following JSON data:
{
  "data": {
    "name": "string",
    "age": "int",
    "gender": "string",
    "address": "string",
    "phone": "string"
  }
}
DELETE /patients/del/<int:patient_id>
This repository contains a simple user authentication system built with Node.js and Express. The system allows users to register and log in, and stores their authentication tokens in cookies.
To run this application, you will need the following:
- Node.js and npm installed
- A Postgres database
- Clone this repository to your local machine.
- Run npm install to install the necessary dependencies.
- Create a .env file in the root directory of the project and add the following environment variables:
Postgres_URI=Postgres://localhost:27017/user-auth
- Start the Postgres database.
- Run npm start to start the application.
To register a new user, send a POST request to the /register endpoint with the following JSON payload:
{
  "username": "username",
  "email": "email@example.com",
  "password": "password"
}
If the registration is successful, the server will respond with a 200 status code and a JSON payload containing the user's ID and authentication token.
To log in a user, send a POST request to the /login endpoint with the following JSON payload:
{
  "email": "email@example.com",
  "password": "password"
}
If the login is successful, the server will respond with a 200 status code and a JSON payload containing the user's ID and authentication token.
The authentication tokens are stored in cookies. When a user registers or logs in, the server sets a cookie named authToken with the user's authentication token. This cookie expires after 5 minutes.
The username and email are also stored in cookies named username and email respectively. These cookies also expire after 5 minutes.
This authentication system uses cookies to store authentication tokens. Cookies are exposed to attacks such as cross-site scripting (XSS), where an injected script reads a cookie that page scripts can access, and cross-site request forgery (CSRF), where the browser attaches the cookie to a request the user did not intend. To mitigate these risks, it is important to implement additional security measures, such as:
- Using HTTPS to encrypt all traffic between the client and the server
- Setting the SameSite attribute
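
The cookie attributes discussed above can be checked mechanically. The following is an added example, not code from this repository: it audits Set-Cookie header values for Secure, SameSite and the 5-minute lifetime, plus HttpOnly, a standard attribute not named above that keeps page scripts from reading the cookie. The function names and the sample headers are constructed for illustration.

```javascript
// Added example: audit Set-Cookie header values for session-cookie hardening.
// All names and sample headers below are constructed for illustration.

// Split one Set-Cookie value into its name and a lower-cased attribute map.
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(';').map((s) => s.trim());
  const attrs = {};
  for (const part of rest.filter(Boolean)) {
    const i = part.indexOf('=');
    const key = (i === -1 ? part : part.slice(0, i)).toLowerCase();
    attrs[key] = i === -1 ? true : part.slice(i + 1);
  }
  return { name: pair.slice(0, pair.indexOf('=')), attrs };
}

// Return findings for one cookie; an empty array means every check passed.
// maxAgeSeconds defaults to the 5-minute lifetime described above.
function auditCookie(header, maxAgeSeconds = 300) {
  const { name, attrs } = parseSetCookie(header);
  const findings = [];
  if (!attrs.secure) findings.push(`${name}: no Secure flag, cookie can travel over plain HTTP`);
  if (!attrs.httponly) findings.push(`${name}: no HttpOnly flag, page scripts can read it`);
  const sameSite = String(attrs.samesite || '').toLowerCase();
  if (sameSite !== 'strict' && sameSite !== 'lax') {
    findings.push(`${name}: SameSite not explicitly set to Strict or Lax`);
  }
  const maxAge = Number(attrs['max-age']);
  if (!Number.isFinite(maxAge) || maxAge > maxAgeSeconds) {
    findings.push(`${name}: Max-Age missing or longer than ${maxAgeSeconds}s`);
  }
  return findings;
}

// Constructed sample headers: cookies without attributes next to a hardened one.
const weakHeaders = [
  'authToken=constructed.sample.token; Max-Age=300; Path=/',
  'username=alice; Max-Age=300; Path=/',
];
const hardenedHeader =
  'authToken=constructed.sample.token; Max-Age=300; Path=/; HttpOnly; Secure; SameSite=Strict';

// Audit a list of headers and return every finding in one flat array.
function auditAll(headers) {
  return headers.flatMap((h) => auditCookie(h));
}

console.log(auditAll(weakHeaders).join('\n'));
console.log('hardened findings:', auditCookie(hardenedHeader).length);
```

In an Express application the same check can be run in a test against the Set-Cookie headers returned by /register and /login.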