Test branch

.gitignore

@@ -0,0 +1,2 @@
+#Hides CSRF key
+.env

README.md

@@ -1,8 +1,20 @@
-My groupmembers are:
-- XXXX
-- XXXX
-- XXXX
-- XXXX
+Team Penguin Members:
+- Jo Vinson
+- Andrew Dickerson
+- Ben Karp
+- Arth Chavda
+- Nasmir Pasic
+- Owen Cosner
 
 
------------------- Fill in some information about your project under this ------------------
+------------------ Project Summary ------------------
+
+A medical records sharing platform, supporting both emergency sharing and recipient specified sharing.  
+
+The program has a web front end, with different portals for doctors and patients.  Patients are able to fill in and create medical fields or upload a pdf, which then fills in for a sql table on a database.  Patients are also able to search for and share documents with doctors that have public accounts on the site, and patients have the ability to create emergency keys, in the form of qr codes, to enable doctors to access their records without sharing access. 
+
+The web app contains an AI tool which helps provide a quick summary of a patient’s medical history for doctors who need quick access to specific information.
+
+Doctors have the ability to edit records which are shared with them, and can access new records using an emergency key.  
+
+Both types of accounts can set their privacy status to public or private, to enable or disable new accounts from sharing/accessing documents with them.  Accounts are created using an email, which is sent a verification email, and can be deleted.

Sprint 1/Flask Backend/.env

@@ -0,0 +1 @@
+CONFIG_KEY="W<0:2e?Qr9)cA{:3|~T*5%ZxS"

Sprint 1/Flask Backend/main.py

@@ -0,0 +1,154 @@
+from flask import Flask, render_template, request, redirect, url_for, jsonify
+from flask_bcrypt import Bcrypt
+from wtforms import StringField, PasswordField, SubmitField, RadioField, validators
+from flask_wtf import FlaskForm, CSRFProtect
+from wtforms.validators import EqualTo, InputRequired
+import jinja2
+import mysql
+import pyModules.sqlpy.connectToDB as connectToDB
+import pyModules.sqlpy.createAccountRow as createAccountRow
+import pyModules.sqlpy.fetchData as fetchData
+import pyModules.sqlpy.saveData as saveData
+import os
+from dotenv import load_dotenv
+
+app = Flask(__name__)
+load_dotenv()
+app.config["SECRET_KEY"] = os.getenv("CONFIG_KEY")
+csrf = CSRFProtect(app)
+bcrypt = Bcrypt(app)
+
+@app.route("/")
+def home():
+    return render_template("home.html")
+
+@app.route("/signup_page", methods = ['GET', 'POST'])
+def signup():
+    patient_or_provider = None
+    first_name = None
+    last_name = None
+    phone_number = None
+    user_email = None
+    password = None
+
+    sign_up_form = SignUp()
+    if request.method == "POST":
+        if sign_up_form.validate_on_submit():
+            patient_or_provider = sign_up_form.patient_or_provider.data
+            first_name = sign_up_form.first_name.data
+            last_name = sign_up_form.last_name.data
+            phone_number = sign_up_form.phone_number.data
+            user_email = sign_up_form.user_email.data
+            password = sign_up_form.password.data
+            hashed_password = bcrypt.generate_password_hash(sign_up_form.password.data).decode('utf-8')
+            password = hashed_password
+
+
+            createAccountRow.addNewUser(first_name,
+                       last_name,
+                       user_email,
+                       phone_number,
+                       password,
+                       patient_or_provider,
+                       connectToDB.connectDatabase()
+                       )
+
+    return render_template("signup_page.html", patient_or_provider = patient_or_provider, first_name = first_name, last_name = last_name,
+                        user_email = user_email, phone_number = phone_number, password = password, 
+                           form = sign_up_form)
+
+@app.route("/login_page", methods = ['GET', 'POST'])
+def login():
+    email_login = None
+    password_login = None
+
+    login_form = LogIn()
+    if request.method == "POST":
+        if login_form.validate_on_submit():
+            email_login = login_form.email_login.data
+            password_login = login_form.password_login.data
+
+            #TODO: We need to validate the email and password against the database here
+            #If validated and the user is a doctor, redirect to doctor page
+            #If validated and the user is a patient, redirect to patient page
+            #Jo work your magic
+
+            return redirect(url_for("provider"))
+
+    return render_template("login_page.html", email_login = email_login, password_login = password_login,
+                           form = login_form)
+
+@app.route("/edit_record_page")
+def edit_record_page():
+    return render_template("edit_record_page.html")
+
+# Get patient data for edit_record_page
+@app.route("/api/get_patient")
+def api_get_patient():
+    email = request.args.get("email")
+
+    db = connectToDB.connectDatabase()
+    result = fetchData.fetchUserData(email, db)
+
+    if isinstance(result, map):
+        return jsonify(result)
+
+    return jsonify({"error": "Could not fetch user"}), 400
+
+# Save updated patient data from edit_record_page
+@app.route("/api/update_record", methods=["POST"])
+def api_update_record():
+    data = request.get_json()
+    updated_fields = data.get("updated_fields")
+    email = data.get("email")
+
+    db = connectToDB.connectDatabase()
+
+    for column, value in updated_fields.items():
+        saveData.saveUserData(email,
+                     dbConnection=db,
+                     columnToSet=column,
+                     valueToSet=value)
+
+    return jsonify({"message": "Record saved"})
+
+@app.route('/provider_portal')
+def provider():
+    return render_template('provider_homepage.html')
+
+class SignUp(FlaskForm):
+    patient_or_provider = RadioField("Are you a patient or a provider?", choices=[('Patient', 'Patient'), ('Provider', 'Provider')], validators=[InputRequired()])
+
+    first_name = StringField("Enter your first name", validators = [validators.DataRequired(message = "First name is required")], render_kw = {'placeholder': "John"})
+
+    last_name = StringField("Enter your last name", validators = [validators.DataRequired(message = "Last name is required")], render_kw = {'placeholder': "Doe"})
+
+    phone_number = StringField("Phone number", validators = [validators.DataRequired(message = "Phone number is required"),
+                                                               validators.Length(min = 10, message = "Must be at least 10 characters"),
+                                                               validators.Regexp(r'^\(\d{3}\)\s?\d{3}-\d{4}$', 
+                                                            message="Invalid phone number format. Use (123) 456-7890")
+                                                             ], render_kw = {'placeholder': "(000) 000-0000"})
+    user_email = StringField("Email", validators = [validators.DataRequired(), validators.Email("Must be a valid email")], render_kw = {'placeholder': "example@email.com"})
+
+    password = PasswordField("Create a unique password.", validators = [validators.DataRequired(message = "Please enter a password"),
+                validators.Length(min = 8, max = 20, message = "Please enter a password between 8 and 20 characters"),
+                validators.Regexp(r'^(?=.*[A-Z])(?=.*[!@#$%^+=-])(?=.{8,20}$)[^{}[\]<|*&"()]*$', message = "Please enter a valid password. Valid special characters are @, #, !, $, -, or _"),
+                EqualTo('confirm_password', message="Passwords must match")],
+                           render_kw = {'placeholder': "8-20 characters long, one capital letter, one special character"})
+
+    confirm_password = PasswordField("Confirm your password", validators = [validators.DataRequired(message="Please confirm your password")
+    ], render_kw={'placeholder': "Re-enter your password"})
+
+    submit_button = SubmitField("Submit")
+
+class LogIn(FlaskForm):
+    email_login = StringField("Email", validators=[validators.DataRequired(message="Please enter your email"),validators.Email("Must be a valid email")],
+                             render_kw={'placeholder': "Enter your email"})
+    password_login = PasswordField("Password.", validators = [validators.DataRequired(message = "Please enter your password"),
+                validators.Length(min = 8, max = 20, message = "Must be between 8 and 20 characters"),
+                validators.Regexp(r'^(?=.*[A-Z])(?=.*[!@#$%^+=-])(?=.{8,20}$)[^{}[\]<|*&"()]*$', message = "Invalid format.")], render_kw={'placeholder': "Enter your password"})
+
+    submit_button = SubmitField("Submit")
+
+if __name__ == "__main__":
+    app.run(debug = True)

Sprint 1/Flask Backend/pyModules/__init__.py

@@ -0,0 +1 @@
+__all__ = ["sqlpy"]

Sprint 1/Flask Backend/pyModules/sqlpy/__init__.py

@@ -0,0 +1 @@
+__all__ = ["connectToDB" "createAccountRow"]

Sprint 1/Flask Backend/pyModules/sqlpy/connectToDB.py

@@ -0,0 +1,25 @@
+from mysql import connector
+
+
+def connectDatabase(user = "root", 
+                    password = "password", 
+                    host = "127.0.0.1", 
+                    database = "medicalrecords", 
+                    raiseOnWarnings = True
+                    ):
+
+    connectionConfig = {
+    'user': user,
+    'password': password,
+    'host': host,
+    'database': database,
+    'raise_on_warnings': raiseOnWarnings
+    }
+
+    dbConnection = connector.connect(**connectionConfig)
+
+    return dbConnection
+
+
+def disconnectDatabase(connectionToClose):
+    connectionToClose.close()

Sprint 1/Flask Backend/pyModules/sqlpy/createAccountRow.py

@@ -0,0 +1,62 @@
+from mysql import connector
+from mysql.connector import errorcode
+import mysql
+
+
+def addNewUser( firstName,
+                lastName,
+                userEmail,
+                phoneNumber,
+                password,
+                PatientOrProvider,
+                dbConnection 
+                ):
+
+    returnVal = 1
+
+    addUser = ("INSERT INTO users"
+                 "(Email, FirstName, LastName, PasswordHash, Phone, PatientOrProvider)"
+                 "VALUES ((%(EmailVal)s)," \
+                 "(%(FirstNameVal)s)," \
+                 "(%(LastNameVal)s)," \
+                 "(%(PasswordVal)s)," \
+                 "(%(PhoneVal)s)," \
+                 "(%(PatientOrProviderVal)s))"
+    )   
+
+
+
+
+
+    dataUser = {
+    'EmailVal': userEmail,
+    'FirstNameVal': firstName,
+    'LastNameVal': lastName,
+    'PasswordVal': password,
+    'PhoneVal': phoneNumber,
+    'PatientOrProviderVal': PatientOrProvider
+    }
+
+
+    cursor = dbConnection.cursor()
+
+    try:
+        cursor.execute(addUser, dataUser)
+    except  mysql.connector.Error as err:
+        if err.errno == 1062:
+            returnVal = 2
+
+    try:
+        dbConnection.commit()
+    except  mysql.connector.Error as err:
+        if err.errno == 1062:
+            returnVal = 3
+
+    cursor.close() # close cursor
+    dbConnection.close() # close connection
+
+    return returnVal
+
+
+def addNewUserTest():
+    print("import successful! :)")

Sprint 1/Flask Backend/pyModules/sqlpy/fetchAccessMap.py

@@ -0,0 +1,45 @@
+from mysql import connector
+
+def fetchAccessMap(userEmail,
+                   dbConnection,
+                   patientOrDoctor # "doctor" or "patient"
+                   ):
+
+    cursor = dbConnection.cursor()
+
+    if patientOrDoctor == "doctor":
+        query = ("SELECT u.FirstName, u.LastName, u.Email FROM users u"
+                 "JOIN accessMap AM" 
+                 "ON AM.patient = u.Email"
+                 "WHERE AM.doctor = %(EmailVal)s"
+                )
+    else:
+        query = ("SELECT u.FirstName, u.LastName, u.Email FROM users u" 
+                 "JOIN accessMap AM "
+                 "ON AM.doctor = u.Email"
+                 "WHERE AM.patient = %(EmailVal)s"
+                )
+
+
+    queryData = {
+      'emailVal': userEmail 
+    } # user primary key
+
+    try:
+        cursor.execute(query, queryData) # execute the changes
+    except:
+        return 2 #errorval
+
+
+    returnList = []
+    for (FirstName, LastName, Email) in cursor:
+        # iterate through a set of tuples
+        # the tuples are the rows
+        returnList.append((FirstName, LastName, Email)) 
+
+
+    cursor.close() # close cursor
+    dbConnection.close() # close connection
+
+    return returnList #return the map
+

Sprint 1/Flask Backend/pyModules/sqlpy/fetchData.py

@@ -0,0 +1,39 @@
+from mysql import connector
+
+def fetchUserData(userEmail,
+                  dbConnection
+                  ):
+
+    cursor = dbConnection.cursor()
+
+    query = ("SELECT FirstName, LastName, Age, Phone  FROM users "
+         "WHERE Email EQUALS %(emailVal)s") # fetch user data
+
+    queryData = {
+      'emailVal': userEmail 
+    } # user primary key
+
+    try:
+        cursor.execute(query, queryData) # execute the changes
+    except:
+        return 2 #errorval
+
+    returnMap = {}
+    for (FirstName, LastName, Age, Phone,) in cursor:
+        # iterate through a set of tuples
+        # the tuples are the rows, but we only fetched one
+        returnMap = {
+            'FirstNameVal': FirstName,
+            'LastNameVal': LastName,
+            'AgeVal': Age,
+            'PhoneVal': Phone
+        } # make a return map for the row
+
+
+
+
+    cursor.close() # close cursor
+    dbConnection.close() # close connection
+
+    return returnMap #return the map
+