|
1 | | -# MCG Take-Home Project |
| 1 | +# MCG Take-Home Assessment - Patient Care Management System |
2 | 2 |
|
3 | | -Started by Robert Buels at 3:45pm 2/21/25, based on the [FastAPI full stack template](https://fastapi.tiangolo.com/project-generation/). |
| 3 | +## Design |
4 | 4 |
|
5 | | -## Backend Development |
| 5 | +See the system design in [Excalidraw here](https://excalidraw.com/#json=4cLkV3RAlGQ95xFiVW1fY,QTeiqBvSWKEk77UItun2aA) |
6 | 6 |
|
7 | | -Backend docs: [backend/README.md](./backend/README.md). |
| 7 | +## Implementation |
8 | 8 |
|
9 | | -## Frontend Development |
| 9 | +This is based on the [FastAPI full stack template](https://fastapi.tiangolo.com/project-generation/), started as a fork of that project. |
10 | 10 |
|
11 | | -Frontend docs: [frontend/README.md](./frontend/README.md). |
| 11 | +It includes an API server based on Python and FastAPI, with an SQLModel ORM, |
| 12 | +Pydantic type checking, connects to a PostgreSQL database with |
| 13 | +migrations managed by Alembic, and creates AWS presigned URLs for attachment |
| 14 | +uploads and downloads using `boto3`. |
12 | 15 |
|
13 | | -## Deployment |
| 16 | +- Added SQLModel classes and associated Alembic migrations for Patient and Attachment tables |
| 17 | +- Added configuration variables for setting AWS credentials for use by `boto3` |
| 18 | +- Implemented `/patients/...` and `/attachments/...` API routes as specified in the "REST API Sketch" section of the [Design Document](https://excalidraw.com/#json=4cLkV3RAlGQ95xFiVW1fY,QTeiqBvSWKEk77UItun2aA) |
| 19 | +- Implemented automated tests for all API routes based on `pytest` and the FastAPI TestClient. |
| 20 | +- All patient and attachment APIs require a valid JWT authentication token present in the request headers. |
14 | 21 |
|
15 | | -Deployment docs: [deployment.md](./deployment.md). |
| 22 | +AI coding assistants used in development: [GitHub Copilot](https://github.com/features/copilot) and [Aider](https://aider.chat) connected to Claude 3.5-sonnet. Aider proved quite adept at writing tests. |
16 | 23 |
|
17 | | -## Development |
| 24 | +### Design Notes |
18 | 25 |
|
19 | | -General development docs: [development.md](./development.md). |
| 26 | +Publicly visible patient and attachment IDs are non-sequential UUIDs, which is a security best practice. |
20 | 27 |
|
21 | | -This includes using Docker Compose, custom local domains, `.env` configurations, etc. |
| 28 | +File uploads and downloads go directly to and from AWS S3 via presigned URLs, bypassing the application server, which greatly reduces load on the application server and improves upload and download performance. |
| 29 | + |
| 30 | +### APIs Implemented |
| 31 | + |
| 32 | +#### Authentication and User Management |
| 33 | + |
| 34 | +Fully functional user management and authentication APIs are |
| 35 | +included in the base project, including password reset emails. |
| 36 | +See the template documentation for details. |
| 37 | + |
| 38 | +#### POST `/api/v1/patients` |
| 39 | + |
| 40 | +Creates a new patient record. |
| 41 | + |
| 42 | + headers: user's JWT token |
| 43 | + response: JSON representation of new patient record |
| 44 | + |
| 45 | +#### GET `/api/v1/patients/<patient_uuid>` |
| 46 | + |
| 47 | +Gets the details of a single patient. |
| 48 | + |
| 49 | + request headers: user's JWT token |
| 50 | + response: JSON representation of patient |
| 51 | + |
| 52 | +#### GET `/api/v1/patients?<query>` |
| 53 | + |
| 54 | +Retrieves patient records. |
| 55 | + |
| 56 | + request headers: user's JWT token |
| 57 | + query parameters (optional): |
| 58 | + - name_text |
| 59 | + - name_exact |
| 60 | + - history_text |
| 61 | + - has_attachment_mime_type |
| 62 | + - skip, limit (for paging) |
| 63 | + response: |
| 64 | + JSON array of matching patient records, |
| 65 | + filtered according to query params. |
| 66 | + |
| 67 | +#### POST `/api/v1/attachments` |
| 68 | + |
| 69 | +Creates a new attachment. |
| 70 | + |
| 71 | + request headers: |
| 72 | + user's JWT token |
| 73 | + - Content-Type: <mime_type> |
| 74 | + body: |
| 75 | + - file_name |
| 76 | + response: |
| 77 | + - id |
| 78 | + - upload_url: presigned upload URL |
| 79 | + |
| 80 | +Note: after creating the attachment, the client should upload the file |
| 81 | +itself to the provided presigned AWS S3 URL. |
| 82 | + |
| 83 | +#### GET `/api/v1/attachments/<attachment_uuid>/content` |
| 84 | + |
| 85 | +Retrieves attachment content |
| 86 | + |
| 87 | + request headers: user's JWT token |
| 88 | + response: |
| 89 | + 302 redirect to presigned blob storage URL |
| 90 | + |
| 91 | +NOTE: AWS presigned URL generation supports setting the Content-Disposition header (and thus the downloaded file name) that will be provided to the client, which is what is implemented here. |
22 | 92 |
|
23 | 93 | ## License |
24 | 94 |
|
25 | | -This is a fork of the Full Stack FastAPI Template and is licensed under the terms of the MIT license. |
| 95 | +This is a fork of the [FastAPI full stack template](https://fastapi.tiangolo.com/project-generation/) and is licensed under the terms of the MIT license. |
0 commit comments