Spaces:
Sleeping
Sleeping
Update api/views.py
Browse files- api/views.py +101 -0
api/views.py
CHANGED
|
@@ -11,6 +11,8 @@ from .ml_engine import predict_xray as predict
|
|
| 11 |
from .email_utils import send_test_result_email
|
| 12 |
from .authentication import authenticate_user, get_user_from_token
|
| 13 |
# pdf_generator import REMOVED for prototype
|
|
|
|
|
|
|
| 14 |
|
| 15 |
import os
|
| 16 |
import uuid
|
|
@@ -41,6 +43,8 @@ def login(request):
|
|
| 41 |
return Response({"error": "Invalid credentials"}, status=status.HTTP_401_UNAUTHORIZED)
|
| 42 |
|
| 43 |
|
|
|
|
|
|
|
| 44 |
# βββ PATIENT ENDPOINTS ββββββββββββββββββββββββββββββββββββββββββ
|
| 45 |
|
| 46 |
@api_view(['GET'])
|
|
@@ -151,6 +155,103 @@ def doctor_dashboard(request):
|
|
| 151 |
]
|
| 152 |
return Response({"tests": dummy_tests}, status=status.HTTP_200_OK)
|
| 153 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 154 |
|
| 155 |
# βββ REPORT GENERATION β REMOVED FOR PROTOTYPE βββββββββββββββββ
|
| 156 |
# All /api/report/* endpoints and pdf_generator usage have been removed.
|
|
|
|
| 11 |
from .email_utils import send_test_result_email
|
| 12 |
from .authentication import authenticate_user, get_user_from_token
|
| 13 |
# pdf_generator import REMOVED for prototype
|
| 14 |
+
from .models import Appointment # Add Appointment to imports
|
| 15 |
+
from .serializers import AppointmentSerializer # Add AppointmentSerializer to imports
|
| 16 |
|
| 17 |
import os
|
| 18 |
import uuid
|
|
|
|
| 43 |
return Response({"error": "Invalid credentials"}, status=status.HTTP_401_UNAUTHORIZED)
|
| 44 |
|
| 45 |
|
| 46 |
+
|
| 47 |
+
|
| 48 |
# βββ PATIENT ENDPOINTS ββββββββββββββββββββββββββββββββββββββββββ
|
| 49 |
|
| 50 |
@api_view(['GET'])
|
|
|
|
| 155 |
]
|
| 156 |
return Response({"tests": dummy_tests}, status=status.HTTP_200_OK)
|
| 157 |
|
| 158 |
+
# βββ APPOINTMENT ENDPOINTS ββββββββββββββββββββββββββββββββββββββ
|
| 159 |
+
|
| 160 |
+
@api_view(['GET'])
|
| 161 |
+
def doctors_list(request):
|
| 162 |
+
"""
|
| 163 |
+
Returns a list of all users with role='doctor' so patients can choose one.
|
| 164 |
+
Authentication is optional depending on your preference, currently protected.
|
| 165 |
+
"""
|
| 166 |
+
user = get_user_from_token(request)
|
| 167 |
+
if not user:
|
| 168 |
+
return Response({"error": "Unauthorized"}, status=status.HTTP_401_UNAUTHORIZED)
|
| 169 |
+
|
| 170 |
+
doctors = UserProfile.objects.filter(role='doctor')
|
| 171 |
+
serializer = UserProfileSerializer(doctors, many=True)
|
| 172 |
+
return Response(serializer.data)
|
| 173 |
+
|
| 174 |
+
|
| 175 |
+
@api_view(['POST'])
|
| 176 |
+
def book_appointment(request):
|
| 177 |
+
"""
|
| 178 |
+
Allows a patient to book an appointment.
|
| 179 |
+
Expects JSON: { "doctor_id": 1, "date": "YYYY-MM-DD", "time": "HH:MM", "reason": "..." }
|
| 180 |
+
"""
|
| 181 |
+
user = get_user_from_token(request)
|
| 182 |
+
if not user:
|
| 183 |
+
return Response({"error": "Unauthorized"}, status=status.HTTP_401_UNAUTHORIZED)
|
| 184 |
+
|
| 185 |
+
data = request.data
|
| 186 |
+
try:
|
| 187 |
+
doctor_id = data.get('doctor_id')
|
| 188 |
+
doctor_profile = UserProfile.objects.get(id=doctor_id, role='doctor')
|
| 189 |
+
|
| 190 |
+
# 'user' here is the Patient's profile (from get_user_from_token)
|
| 191 |
+
appointment = Appointment.objects.create(
|
| 192 |
+
patient=user,
|
| 193 |
+
doctor=doctor_profile,
|
| 194 |
+
date=data.get('date'),
|
| 195 |
+
time=data.get('time'),
|
| 196 |
+
reason=data.get('reason', '')
|
| 197 |
+
)
|
| 198 |
+
return Response(AppointmentSerializer(appointment).data, status=status.HTTP_201_CREATED)
|
| 199 |
+
|
| 200 |
+
except UserProfile.DoesNotExist:
|
| 201 |
+
return Response({"error": "Doctor not found"}, status=status.HTTP_404_NOT_FOUND)
|
| 202 |
+
except Exception as e:
|
| 203 |
+
return Response({"error": str(e)}, status=status.HTTP_400_BAD_REQUEST)
|
| 204 |
+
|
| 205 |
+
|
| 206 |
+
@api_view(['GET'])
|
| 207 |
+
def my_appointments(request):
|
| 208 |
+
"""
|
| 209 |
+
Returns appointments for the logged-in user.
|
| 210 |
+
Auto-detects if user is Patient or Doctor.
|
| 211 |
+
"""
|
| 212 |
+
user = get_user_from_token(request)
|
| 213 |
+
if not user:
|
| 214 |
+
return Response({"error": "Unauthorized"}, status=status.HTTP_401_UNAUTHORIZED)
|
| 215 |
+
|
| 216 |
+
try:
|
| 217 |
+
# Check role field on the user profile
|
| 218 |
+
if hasattr(user, 'role') and user.role == 'doctor':
|
| 219 |
+
appointments = Appointment.objects.filter(doctor=user).order_by('-date', '-time')
|
| 220 |
+
else:
|
| 221 |
+
appointments = Appointment.objects.filter(patient=user).order_by('-date', '-time')
|
| 222 |
+
|
| 223 |
+
return Response(AppointmentSerializer(appointments, many=True).data)
|
| 224 |
+
except Exception as e:
|
| 225 |
+
return Response({"error": str(e)}, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
|
| 226 |
+
|
| 227 |
+
|
| 228 |
+
@api_view(['POST'])
|
| 229 |
+
def update_appointment_status(request, pk):
|
| 230 |
+
"""
|
| 231 |
+
Doctor updates status (Confirm/Cancel).
|
| 232 |
+
Expects JSON: { "status": "Confirmed" }
|
| 233 |
+
"""
|
| 234 |
+
user = get_user_from_token(request)
|
| 235 |
+
if not user:
|
| 236 |
+
return Response({"error": "Unauthorized"}, status=status.HTTP_401_UNAUTHORIZED)
|
| 237 |
+
|
| 238 |
+
try:
|
| 239 |
+
appointment = Appointment.objects.get(pk=pk)
|
| 240 |
+
|
| 241 |
+
# Security: Ensure the logged-in user is the doctor for this appointment
|
| 242 |
+
if appointment.doctor != user:
|
| 243 |
+
return Response({"error": "Unauthorized action"}, status=status.HTTP_403_FORBIDDEN)
|
| 244 |
+
|
| 245 |
+
new_status = request.data.get('status')
|
| 246 |
+
if new_status in ['Confirmed', 'Cancelled', 'Completed']:
|
| 247 |
+
appointment.status = new_status
|
| 248 |
+
appointment.save()
|
| 249 |
+
return Response(AppointmentSerializer(appointment).data)
|
| 250 |
+
|
| 251 |
+
return Response({"error": "Invalid status"}, status=status.HTTP_400_BAD_REQUEST)
|
| 252 |
+
|
| 253 |
+
except Appointment.DoesNotExist:
|
| 254 |
+
return Response({"error": "Appointment not found"}, status=status.HTTP_404_NOT_FOUND)
|
| 255 |
|
| 256 |
# βββ REPORT GENERATION β REMOVED FOR PROTOTYPE βββββββββββββββββ
|
| 257 |
# All /api/report/* endpoints and pdf_generator usage have been removed.
|