Update api/routes.py
- api/routes.py +58 -7
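--- a/api/routes.py
+++ b/api/routes.py
@@ -1,4 +1,4 @@
-from fastapi import APIRouter, HTTPException, Depends
+from fastapi import APIRouter, HTTPException, Depends, Body
 from fastapi.security import OAuth2PasswordRequestForm
 from models.schemas import SignupForm, TokenResponse, PatientCreate
 from db.mongo import users_collection, patients_collection
@@ -6,6 +6,8 @@ from core.security import hash_password, verify_password, create_access_token, g
 from datetime import datetime
 from bson import ObjectId
 from bson.errors import InvalidId
+from typing import Optional
+from pydantic import BaseModel
 
 router = APIRouter()
 
@@ -27,7 +29,6 @@ async def signup(data: SignupForm):
 await users_collection.insert_one(user_doc)
 return {"success": True, "message": "Account created"}
 
-
 # --- LOGIN ---
 @router.post("/login", response_model=TokenResponse)
 async def login(form_data: OAuth2PasswordRequestForm = Depends()):
@@ -39,7 +40,6 @@ async def login(form_data: OAuth2PasswordRequestForm = Depends()):
 access_token = create_access_token(data={"sub": user["email"]})
 return {"access_token": access_token, "token_type": "bearer"}
 
-
 # --- GET CURRENT USER ---
 @router.get("/me")
 async def get_me(current_user: dict = Depends(get_current_user)):
@@ -49,7 +49,6 @@ async def get_me(current_user: dict = Depends(get_current_user)):
 "created_at": current_user.get("created_at", "")
 }
 
-
 # --- ADD NEW PATIENT ---
 @router.post("/patients")
 async def add_patient(data: PatientCreate, current_user: dict = Depends(get_current_user)):
@@ -65,8 +64,7 @@ async def add_patient(data: PatientCreate, current_user: dict = Depends(get_curr
 result = await patients_collection.insert_one(patient_doc)
 return { "id": str(result.inserted_id), "message": "Patient created successfully" }
 
-
-# --- GET ALL PATIENTS CREATED BY CURRENT USER ---
+# --- GET ALL PATIENTS ---
 @router.get("/patients")
 async def list_patients(current_user: dict = Depends(get_current_user)):
 patients_cursor = patients_collection.find({"created_by": current_user["email"]})
@@ -81,7 +79,6 @@ async def list_patients(current_user: dict = Depends(get_current_user)):
 })
 return patients
 
-
 # --- GET PATIENT BY ID ---
 @router.get("/patients/{patient_id}")
 async def get_patient_by_id(patient_id: str, current_user: dict = Depends(get_current_user)):
@@ -105,3 +102,57 @@ async def get_patient_by_id(patient_id: str, current_user: dict = Depends(get_cu
 "contact": patient.get("contact", {}),
 "created_at": patient.get("created_at"),
 }
+
+# --- UPDATE PATIENT ---
+class PatientUpdate(BaseModel):
+full_name: Optional[str]
+date_of_birth: Optional[datetime]
+gender: Optional[str]
+notes: Optional[str]
+contact: Optional[dict]
+
+@router.put("/patients/{patient_id}")
+async def update_patient(
+patient_id: str,
+data: PatientUpdate = Body(...),
+current_user: dict = Depends(get_current_user)
+):
+try:
+oid = ObjectId(patient_id)
+except InvalidId:
+raise HTTPException(status_code=400, detail="Invalid patient ID")
+
+update_data = {}
+for key, value in data.dict(exclude_unset=True).items():
+if key == "date_of_birth" and value:
+update_data[key] = datetime.combine(value, datetime.min.time())
+else:
+update_data[key] = value
+
+result = await patients_collection.update_one(
+{"_id": oid, "created_by": current_user["email"]},
+{"$set": update_data}
+)
+
+if result.matched_count == 0:
+raise HTTPException(status_code=404, detail="Patient not found")
+
+return {"message": "Patient updated successfully"}
+
+# --- DELETE PATIENT ---
+@router.delete("/patients/{patient_id}")
+async def delete_patient(patient_id: str, current_user: dict = Depends(get_current_user)):
+try:
+oid = ObjectId(patient_id)
+except InvalidId:
+raise HTTPException(status_code=400, detail="Invalid patient ID")
+
+result = await patients_collection.delete_one({
+"_id": oid,
+"created_by": current_user["email"]
+})
+
+if result.deleted_count == 0:
+raise HTTPException(status_code=404, detail="Patient not found or unauthorized")
+
+return {"message": "Patient deleted successfully"}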
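Review bot: `update_patient` passes whatever `data.dict(exclude_unset=True)` returns straight into `$set`, so a body of `{}` produces an empty `$set` document (which some MongoDB server versions reject, likely surfacing as a 500), and an explicit `"full_name": null` overwrites the stored value with null. Guard the write with `if not update_data: raise HTTPException(status_code=400, detail="No fields to update")` and consider dropping `None` values for fields that must stay populated. `contact: Optional[dict]` is also stored as-is, so any keys or nesting a client sends end up in the patient record; a typed sub-model would bound what can be written. The `Optional[...]` fields on `PatientUpdate` carry no `= None` default, which is implicitly optional under Pydantic v1 but required under v2, so it is worth confirming which version the project pins.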