Update api/routes.py

api/routes.py

@@ -1,193 +1,445 @@
-from fastapi import APIRouter, HTTPException, Depends, Body
+from fastapi import APIRouter, HTTPException, Depends, Body, Query, status
 from fastapi.security import OAuth2PasswordRequestForm
 from models.schemas import SignupForm, TokenResponse, PatientCreate, DoctorCreate, AppointmentCreate
 from db.mongo import users_collection, patients_collection, appointments_collection
 from core.security import hash_password, verify_password, create_access_token, get_current_user
-from datetime import datetime
+from datetime import datetime, timedelta
 from bson import ObjectId
 from typing import Optional, List
-from pydantic import BaseModel
-from pymongo import UpdateOne
+from pydantic import BaseModel, Field
+from pymongo import UpdateOne, InsertOne, IndexModel
 import httpx
+import os
+import json
+from pathlib import Path
+import glob
+from motor.motor_asyncio import AsyncIOMotorClient
 
 router = APIRouter()
 
-# --- SIGNUP ---
-@router.post("/signup")
-async def signup(data: SignupForm):
-    if data.role != "patient":
-        raise HTTPException(status_code=403, detail="Only patients can sign up via this route")
+# Configuration
+SYNTHEA_DATA_DIR = "./output/fhir"
+os.makedirs(SYNTHEA_DATA_DIR, exist_ok=True)
+
+# Models
+class Note(BaseModel):
+    date: str = Field(..., example="2023-01-01T12:00:00Z")
+    type: str = Field(..., example="Progress Note")
+    text: str = Field(..., example="Patient reported improvement in symptoms")
+    author: Optional[str] = Field(None, example="Dr. Smith")
+
+class Condition(BaseModel):
+    code: str = Field(..., example="Hypertension")
+    status: str = Field(..., example="Active")
+    onset_date: str = Field(..., example="2020-05-15")
+
+class Medication(BaseModel):
+    name: str = Field(..., example="Lisinopril 10mg")
+    status: str = Field(..., example="Active")
+    prescribed_date: str = Field(..., example="2021-02-10")
+
+class PatientUpdate(BaseModel):
+    notes: Optional[List[Note]] = None
+    conditions: Optional[List[Condition]] = None
+    medications: Optional[List[Medication]] = None
+
+# Indexes
+async def create_indexes():
+    await patients_collection.create_indexes([
+        IndexModel([("fhir_id", 1)], unique=True),
+        IndexModel([("full_name", "text")]),
+        IndexModel([("date_of_birth", 1)]),
+        IndexModel([("notes.date", -1)])
+    ])
+
+# Helper Functions
+def calculate_age(birth_date: str) -> Optional[int]:
+    if not birth_date:
+        return None
+    try:
+        birth_date = datetime.strptime(birth_date.split('T')[0], "%Y-%m-%d")
+        today = datetime.now()
+        return today.year - birth_date.year - (
+            (today.month, today.day) < (birth_date.month, birth_date.day))
+    except ValueError:
+        return None
+
+async def process_synthea_patient(bundle: dict) -> Optional[dict]:
+    patient_data = {}
+    notes = []
+    conditions = []
+    medications = []
+    encounters = []
+    
+    for entry in bundle.get('entry', []):
+        resource = entry.get('resource', {})
+        resource_type = resource.get('resourceType')
+        
+        if resource_type == 'Patient':
+            name = resource.get('name', [{}])[0]
+            address = resource.get('address', [{}])[0]
+            
+            patient_data = {
+                'fhir_id': resource.get('id'),
+                'full_name': f"{' '.join(name.get('given', ['']))} {name.get('family', '')}".strip(),
+                'gender': resource.get('gender', 'unknown'),
+                'date_of_birth': resource.get('birthDate', ''),
+                'address': ' '.join(address.get('line', [''])),
+                'city': address.get('city', ''),
+                'state': address.get('state', ''),
+                'postal_code': address.get('postalCode', ''),
+                'country': address.get('country', ''),
+                'marital_status': resource.get('maritalStatus', {}).get('text', ''),
+                'language': resource.get('communication', [{}])[0].get('language', {}).get('text', ''),
+                'source': 'synthea',
+                'last_updated': datetime.utcnow()
+            }
+        
+        elif resource_type == 'Encounter':
+            encounter = {
+                'id': resource.get('id'),
+                'type': resource.get('type', [{}])[0].get('text', ''),
+                'status': resource.get('status'),
+                'period': resource.get('period', {}),
+                'service_provider': resource.get('serviceProvider', {}).get('display', '')
+            }
+            encounters.append(encounter)
+            
+            for note in resource.get('note', []):
+                if note.get('text'):
+                    notes.append({
+                        'date': resource.get('period', {}).get('start', datetime.utcnow().isoformat()),
+                        'type': resource.get('type', [{}])[0].get('text', 'Encounter Note'),
+                        'text': note.get('text'),
+                        'context': f"Encounter: {encounter.get('type')}",
+                        'author': 'System Generated'
+                    })
+        
+        elif resource_type == 'Condition':
+            conditions.append({
+                'id': resource.get('id'),
+                'code': resource.get('code', {}).get('text', ''),
+                'status': resource.get('clinicalStatus', {}).get('text', ''),
+                'onset_date': resource.get('onsetDateTime'),
+                'recorded_date': resource.get('recordedDate'),
+                'verification_status': resource.get('verificationStatus', {}).get('text', '')
+            })
+        
+        elif resource_type == 'MedicationRequest':
+            medications.append({
+                'id': resource.get('id'),
+                'name': resource.get('medicationCodeableConcept', {}).get('text', ''),
+                'status': resource.get('status'),
+                'prescribed_date': resource.get('authoredOn'),
+                'requester': resource.get('requester', {}).get('display', ''),
+                'dosage': resource.get('dosageInstruction', [{}])[0].get('text', '')
+            })
+    
+    if patient_data:
+        patient_data.update({
+            'notes': notes,
+            'conditions': conditions,
+            'medications': medications,
+            'encounters': encounters,
+            'import_date': datetime.utcnow()
+        })
+        return patient_data
+    return None
+
+# Routes
+@router.post("/ehr/import", status_code=status.HTTP_201_CREATED)
+async def import_patients(
+    limit: int = Query(100, ge=1, le=1000),
+    current_user: dict = Depends(get_current_user)
+):
+    if current_user.get('role') not in ['admin', 'doctor']:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Only administrators and doctors can import data"
+        )
+    
+    try:
+        await create_indexes()
+        files = glob.glob(f"{SYNTHEA_DATA_DIR}/*.json")
+        operations = []
+        imported = 0
+        
+        for file_path in files[:limit]:
+            try:
+                with open(file_path, 'r') as f:
+                    bundle = json.load(f)
+                    patient = await process_synthea_patient(bundle)
+                    if patient:
+                        operations.append(UpdateOne(
+                            {"fhir_id": patient['fhir_id']},
+                            {"$setOnInsert": patient},
+                            upsert=True
+                        ))
+                        imported += 1
+            except Exception as e:
+                continue
+        
+        if operations:
+            result = await patients_collection.bulk_write(operations)
+            return {
+                "status": "success",
+                "imported": imported,
+                "upserted": result.upserted_count,
+                "existing": len(operations) - result.upserted_count
+            }
+        return {"status": "success", "message": "No new patients found to import"}
+    
+    except Exception as e:
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Import failed: {str(e)}"
+        )
 
+@router.get("/ehr/patients", response_model=List[dict])
+async def list_patients(
+    search: Optional[str] = Query(None),
+    min_notes: int = Query(0, ge=0),
+    min_conditions: int = Query(0, ge=0),
+    limit: int = Query(100, ge=1, le=500),
+    skip: int = Query(0, ge=0)
+):
+    query = {"source": "synthea"}
+    
+    if search:
+        query["$or"] = [
+            {"full_name": {"$regex": search, "$options": "i"}},
+            {"fhir_id": search}
+        ]
+    
+    if min_notes > 0:
+        query[f"notes.{min_notes-1}"] = {"$exists": True}
+    
+    if min_conditions > 0:
+        query[f"conditions.{min_conditions-1}"] = {"$exists": True}
+    
+    projection = {
+        "fhir_id": 1,
+        "full_name": 1,
+        "gender": 1,
+        "date_of_birth": 1,
+        "notes": {"$slice": 1},
+        "conditions": {"$slice": 1},
+        "medications": {"$slice": 1}
+    }
+    
+    cursor = patients_collection.find(query, projection).skip(skip).limit(limit)
+    patients = []
+    
+    async for patient in cursor:
+        patients.append({
+            "id": str(patient["_id"]),
+            "fhir_id": patient.get("fhir_id"),
+            "full_name": patient.get("full_name"),
+            "gender": patient.get("gender"),
+            "age": calculate_age(patient.get("date_of_birth")),
+            "stats": {
+                "notes": len(patient.get("notes", [])),
+                "conditions": len(patient.get("conditions", [])),
+                "medications": len(patient.get("medications", []))
+            }
+        })
+    
+    return patients
+
+@router.get("/ehr/patients/{patient_id}", response_model=dict)
+async def get_patient(patient_id: str):
+    try:
+        patient = await patients_collection.find_one({
+            "$or": [
+                {"_id": ObjectId(patient_id)},
+                {"fhir_id": patient_id}
+            ]
+        })
+        
+        if not patient:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail="Patient not found"
+            )
+        
+        return {
+            "demographics": {
+                "id": str(patient["_id"]),
+                "fhir_id": patient.get("fhir_id"),
+                "full_name": patient.get("full_name"),
+                "gender": patient.get("gender"),
+                "date_of_birth": patient.get("date_of_birth"),
+                "age": calculate_age(patient.get("date_of_birth")),
+                "address": {
+                    "line": patient.get("address"),
+                    "city": patient.get("city"),
+                    "state": patient.get("state"),
+                    "postal_code": patient.get("postal_code"),
+                    "country": patient.get("country")
+                },
+                "marital_status": patient.get("marital_status"),
+                "language": patient.get("language")
+            },
+            "clinical_data": {
+                "notes": patient.get("notes", []),
+                "conditions": patient.get("conditions", []),
+                "medications": patient.get("medications", []),
+                "encounters": patient.get("encounters", [])
+            },
+            "metadata": {
+                "source": patient.get("source"),
+                "import_date": patient.get("import_date"),
+                "last_updated": patient.get("last_updated")
+            }
+        }
+    
+    except Exception as e:
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=str(e)
+        )
+
+@router.post("/ehr/patients/{patient_id}/notes", status_code=status.HTTP_201_CREATED)
+async def add_note(
+    patient_id: str,
+    note: Note,
+    current_user: dict = Depends(get_current_user)
+):
+    if current_user.get('role') not in ['doctor', 'admin']:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Only clinicians can add notes"
+        )
+    
+    try:
+        note_data = note.dict()
+        note_data.update({
+            "author": current_user.get('full_name', 'System'),
+            "timestamp": datetime.utcnow()
+        })
+        
+        result = await patients_collection.update_one(
+            {"$or": [
+                {"_id": ObjectId(patient_id)},
+                {"fhir_id": patient_id}
+            ]},
+            {
+                "$push": {"notes": note_data},
+                "$set": {"last_updated": datetime.utcnow()}
+            }
+        )
+        
+        if result.modified_count == 0:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail="Patient not found"
+            )
+        
+        return {"status": "success", "message": "Note added"}
+    
+    except Exception as e:
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=str(e)
+        )
+
+# Original Auth Routes (fully implemented)
+@router.post("/signup", status_code=status.HTTP_201_CREATED)
+async def signup(data: SignupForm):
     email = data.email.lower().strip()
     existing = await users_collection.find_one({"email": email})
     if existing:
-        raise HTTPException(status_code=409, detail="Email already exists")
-
+        raise HTTPException(
+            status_code=status.HTTP_409_CONFLICT,
+            detail="Email already exists"
+        )
+    
     hashed_pw = hash_password(data.password)
     user_doc = {
         "email": email,
         "full_name": data.full_name.strip(),
         "password": hashed_pw,
         "role": "patient",
-        "created_at": datetime.utcnow()
+        "created_at": datetime.utcnow(),
+        "updated_at": datetime.utcnow()
+    }
+    
+    result = await users_collection.insert_one(user_doc)
+    return {
+        "status": "success",
+        "id": str(result.inserted_id),
+        "email": email
     }
-    await users_collection.insert_one(user_doc)
-    return {"success": True, "message": "Patient account created"}
 
-# --- ADMIN: Create doctor account ---
-@router.post("/admin/create-doctor")
-async def create_doctor(data: DoctorCreate):
-    existing = await users_collection.find_one({"email": data.email})
+@router.post("/admin/doctors", status_code=status.HTTP_201_CREATED)
+async def create_doctor(
+    data: DoctorCreate,
+    current_user: dict = Depends(get_current_user)
+):
+    if current_user.get('role') != 'admin':
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Only admins can create doctor accounts"
+        )
+    
+    existing = await users_collection.find_one({"email": data.email.lower()})
     if existing:
-        raise HTTPException(status_code=409, detail="Email already exists")
-
+        raise HTTPException(
+            status_code=status.HTTP_409_CONFLICT,
+            detail="Email already exists"
+        )
+    
     hashed_pw = hash_password(data.password)
-    user_doc = {
-        "matricule": data.matricule,
+    doctor_doc = {
         "email": data.email.lower().strip(),
         "full_name": data.full_name.strip(),
-        "specialty": data.specialty,
         "password": hashed_pw,
         "role": "doctor",
-        "created_at": datetime.utcnow()
+        "specialty": data.specialty,
+        "license_number": data.license_number,
+        "created_at": datetime.utcnow(),
+        "updated_at": datetime.utcnow()
+    }
+    
+    result = await users_collection.insert_one(doctor_doc)
+    return {
+        "status": "success",
+        "id": str(result.inserted_id),
+        "email": data.email
     }
-    await users_collection.insert_one(user_doc)
-    return {"success": True, "message": "Doctor account created"}
 
-# --- LOGIN ---
 @router.post("/login", response_model=TokenResponse)
 async def login(form_data: OAuth2PasswordRequestForm = Depends()):
-    email = form_data.username.lower().strip()
-    user = await users_collection.find_one({"email": email})
+    user = await users_collection.find_one({"email": form_data.username.lower()})
     if not user or not verify_password(form_data.password, user["password"]):
-        raise HTTPException(status_code=401, detail="Invalid credentials")
-
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid credentials",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+    
     access_token = create_access_token(data={"sub": user["email"]})
-    return {"access_token": access_token, "token_type": "bearer"}
+    return {
+        "access_token": access_token,
+        "token_type": "bearer",
+        "role": user.get("role", "patient")
+    }
 
-# --- GET CURRENT USER ---
 @router.get("/me")
 async def get_me(current_user: dict = Depends(get_current_user)):
     user = await users_collection.find_one({"email": current_user["email"]})
     if not user:
-        raise HTTPException(status_code=404, detail="User not found")
-
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="User not found"
+        )
+    
     return {
         "id": str(user["_id"]),
         "email": user["email"],
         "full_name": user.get("full_name", ""),
-        "role": user.get("role", "unknown"),
-        "specialty": user.get("specialty", None) if user.get("role") == "doctor" else None,
-        "created_at": user.get("created_at", "")
-    }
-
-# --- FETCH AND STORE FHIR PATIENTS ---
-@router.post("/ehr/fetch-from-api")
-async def fetch_and_store_patients_from_fhir():
-    fhir_patients_url = "https://hapi.fhir.org/baseR4/Patient?_count=50"
-    fhir_encounters_url = "https://hapi.fhir.org/baseR4/Encounter?_count=100"
-
-    try:
-        async with httpx.AsyncClient() as client:
-            patient_res = await client.get(fhir_patients_url)
-            if patient_res.status_code != 200:
-                raise HTTPException(status_code=502, detail="Failed to fetch patients")
-            patient_entries = patient_res.json().get("entry", [])
-
-            encounter_res = await client.get(fhir_encounters_url)
-            if encounter_res.status_code != 200:
-                raise HTTPException(status_code=502, detail="Failed to fetch encounters")
-            encounter_entries = encounter_res.json().get("entry", [])
-
-        patient_notes = {}
-        for entry in encounter_entries:
-            resource = entry.get("resource", {})
-            ref = resource.get("subject", {}).get("reference")
-            if not ref or "note" not in resource:
-                continue
-
-            patient_id = ref.split("/")[-1]
-            notes_texts = [n.get("text") for n in resource.get("note", []) if n.get("text")]
-            if notes_texts:
-                patient_notes.setdefault(patient_id, []).extend(notes_texts)
-
-        operations = []
-        for entry in patient_entries:
-            resource = entry.get("resource", {})
-            fhir_id = resource.get("id")
-            name_info = resource.get("name", [{}])[0]
-            address_info = resource.get("address", [{}])[0]
-
-            full_name = f"{name_info.get('given', [''])[0]} {name_info.get('family', '')}".strip()
-            gender = resource.get("gender")
-            birth_date = resource.get("birthDate")
-            address = address_info.get("line", [""])[0]
-            city = address_info.get("city", "")
-            state = address_info.get("state", "")
-            zip_code = address_info.get("postalCode", "")
-
-            if not all([fhir_id, full_name, gender, birth_date, address, city, state, zip_code]):
-                continue
-
-            notes = patient_notes.get(fhir_id, [])
-
-            operations.append(UpdateOne(
-                {"fhir_id": fhir_id},
-                {"$set": {
-                    "fhir_id": fhir_id,
-                    "full_name": full_name,
-                    "gender": gender,
-                    "date_of_birth": birth_date,
-                    "address": address,
-                    "city": city,
-                    "state": state,
-                    "zip": zip_code,
-                    "notes": notes,
-                    "created_at": datetime.utcnow()
-                }},
-                upsert=True
-            ))
-
-        if operations:
-            result = await patients_collection.bulk_write(operations)
-            return {
-                "message": "Fetched and stored patients with linked notes successfully",
-                "inserted": result.upserted_count,
-                "modified": result.modified_count
-            }
-
-        return {"message": "No valid patients to store"}
-
-    except Exception as e:
-        raise HTTPException(status_code=500, detail=str(e))
-
-# --- GET FHIR PATIENTS ---
-@router.get("/ehr/fhir-patients")
-async def list_fhir_patients():
-    cursor = patients_collection.find({"fhir_id": {"$exists": True}})
-    patients = []
-    async for p in cursor:
-        patients.append({
-            "id": str(p["_id"]),
-            "full_name": p.get("full_name"),
-            "gender": p.get("gender"),
-            "date_of_birth": p.get("date_of_birth"),
-            "notes": p.get("notes", [])
-        })
-    return patients
-
-# --- UPDATE A FHIR PATIENT ---
-@router.patch("/ehr/fhir-patients/{patient_id}")
-async def update_fhir_patient(patient_id: str, payload: dict = Body(...), current_user: dict = Depends(get_current_user)):
-    if current_user.get("role") != "doctor":
-        raise HTTPException(status_code=403, detail="Only doctors can update patient records")
-
-    try:
-        patient = await patients_collection.find_one({"_id": ObjectId(patient_id)})
-        if not patient:
-            raise HTTPException(status_code=404, detail="Patient not found")
-
-        await patients_collection.update_one({"_id": ObjectId(patient_id)}, {"$set": payload})
-        return {"message": "Patient updated successfully"}
-    except Exception as e:
-        raise HTTPException(status_code=500, detail=str(e))
+        "role": user.get("role", "patient"),
+        "specialty": user.get("specialty"),
+        "created_at": user.get("created_at"),
+        "updated_at": user.get("updated_at")
+    }