Spaces:

MisbahKhan
/

Capstone

Running

App Files Files Community

MisbahKhan0009 commited on 18 days ago

Commit

6931883

0 Parent(s):

all files added

Browse files

Files changed (38) hide show

.env.example +24 -0
MAILCHIMP_SETUP.md +342 -0
README.md +208 -0
database/apply_schema.js +65 -0
database/schema.sql +123 -0
database/seed_doctors.js +86 -0
package-lock.json +1470 -0
package.json +35 -0
postman/care_people.postman_collection.json +291 -0
src/app.js +45 -0
src/config/db.js +42 -0
src/config/env.js +52 -0
src/middleware/auth.js +41 -0
src/middleware/errorHandler.js +27 -0
src/routes/ai.routes.js +36 -0
src/routes/appointments.routes.js +80 -0
src/routes/auth.routes.js +183 -0
src/routes/doctors.routes.js +33 -0
src/routes/health.routes.js +19 -0
src/routes/index.js +19 -0
src/routes/patients.routes.js +36 -0
src/routes/prescriptions.routes.js +54 -0
src/server.js +19 -0
src/services/ai.service.js +342 -0
src/services/appointments.service.js +277 -0
src/services/auth.service.js +164 -0
src/services/doctors.service.js +95 -0
src/services/mailchimp.service.js +115 -0
src/services/patients.service.js +152 -0
src/services/prescriptions.service.js +305 -0
src/utils/apiResponse.js +12 -0
src/utils/date.js +30 -0
src/utils/email.js +42 -0
src/utils/httpError.js +9 -0
src/utils/otpStore.js +51 -0
src/utils/phone.js +26 -0
src/utils/serializers.js +115 -0
src/utils/tokens.js +53 -0

.env.example ADDED Viewed

	@@ -0,0 +1,24 @@

+PORT=3000
+APP_ENV=development
+FRONTEND_ORIGINS=http://localhost:3000,http://127.0.0.1:3000,http://localhost:8080,http://127.0.0.1:8080
+DB_HOST=127.0.0.1
+DB_PORT=3306
+DB_NAME=care_people
+DB_USER=root
+DB_PASSWORD=
+JWT_SECRET=change-this-access-secret
+JWT_REFRESH_SECRET=change-this-refresh-secret
+ACCESS_TOKEN_MINUTES=60
+REFRESH_TOKEN_DAYS=2
+OTP_DEV_MODE=true
+OTP_TTL_MINUTES=5
+OTP_LENGTH=6
+MAILCHIMP_TRANSACTIONAL_ENABLED=false
+MAILCHIMP_TRANSACTIONAL_API_KEY=
+MAILCHIMP_FROM_EMAIL=
+MAILCHIMP_FROM_NAME=Care People
+MAILCHIMP_REPLY_TO=

MAILCHIMP_SETUP.md ADDED Viewed

	@@ -0,0 +1,342 @@

+# Mailchimp Setup Guide
+This guide shows how to set up `Mailchimp Transactional` for Care People email OTP.
+Last reviewed: `April 1, 2026`
+## Important
+For OTP email, use `Mailchimp Transactional`, not the regular Mailchimp marketing campaign API.
+Mailchimp says Transactional is:
+- a paid add-on available with `Standard` plan or higher
+- purchased in blocks of `25,000` emails per month
+- available in `demo` mode for first-time users
+Official docs:
+- https://mailchimp.com/help/add-or-remove-transactional-email/
+- https://mailchimp.com/developer/transactional/guides/quick-start/
+- https://mailchimp.com/developer/transactional/api/messages/send-new-message/
+## What you need first
+1. A Mailchimp account on `Standard` plan or higher.
+2. A domain email you control, for example `noreply@yourdomain.com`.
+3. Access to your DNS records.
+Mailchimp recommends verifying and authenticating your domain. Their Help Center also notes that free mailbox providers like Gmail, Yahoo, or AOL cannot be verified/authenticated as your sending domain.
+Official doc:
+- https://mailchimp.com/help/verify-a-domain/
+## Step 1: Enable Mailchimp Transactional
+In Mailchimp:
+1. Open `Automations`.
+2. Open `Transactional`.
+3. If you have never used it before, click `Try demo`.
+4. When ready, upgrade to a paid Transactional plan.
+5. Choose your monthly email block amount.
+Mailchimp's help article says first-time users can start from demo mode, and paid plans are bought in monthly 25,000-email blocks.
+Official doc:
+- https://mailchimp.com/help/add-or-remove-transactional-email/
+## Step 2: Launch the Transactional app
+After enabling Transactional:
+1. Go to the `Transactional` page in Mailchimp.
+2. Click `Launch App`.
+3. This opens the Transactional/Mandrill area where API keys, templates, senders, and logs live.
+## Step 3: Create your API key
+Mailchimp's Quick Start says to create the API key inside Transactional settings and copy it immediately because you cannot view it again later.
+Steps:
+1. In the Transactional app, open `Settings`.
+2. Find the `API Keys` section.
+3. Click `Create New Key`.
+4. Give it a descriptive name, for example `care-people-local`.
+5. Copy the key immediately and store it safely.
+Official doc:
+- https://mailchimp.com/developer/transactional/guides/quick-start/
+## Step 4: Verify your sending domain
+Mailchimp says domain verification proves you control the domain and helps inbox placement.
+Steps:
+1. In Mailchimp, open `Account & billing`.
+2. Open `Domains`.
+3. In `Email Domains`, click `Add & Verify Domain`.
+4. Enter an address on your domain, for example `noreply@yourdomain.com`.
+5. Click `Send Verification Email`.
+6. Open the verification email and complete the verification.
+Mailchimp also recommends domain authentication and DMARC after verification.
+Official doc:
+- https://mailchimp.com/help/verify-a-domain/
+## Step 5: Authenticate the domain
+After verification, set up Mailchimp's recommended DNS authentication records for the same domain.
+Why this matters:
+- better deliverability
+- lower spam-folder risk
+- better sender reputation
+From Mailchimp's verification article:
+- they recommend both `verify` and `authenticate`
+- they strongly recommend configuring `DMARC`
+Start here:
+- https://mailchimp.com/help/verify-a-domain/
+## Step 6: Choose your sender addresses
+Recommended sender setup:
+- From email: `noreply@yourdomain.com`
+- Reply-To: `support@yourdomain.com`
+- From name: `Care People`
+Avoid using:
+- personal Gmail addresses
+- Yahoo/AOL senders
+- addresses on domains you do not control
+## Step 7: Put the values into the backend
+Update [backend/.env](/c:/Users/mkhan/Documents/Projects/carePeople/backend/.env):
+```env
+MAILCHIMP_TRANSACTIONAL_ENABLED=true
+MAILCHIMP_TRANSACTIONAL_API_KEY=your_real_transactional_api_key
+MAILCHIMP_FROM_EMAIL=noreply@yourdomain.com
+MAILCHIMP_FROM_NAME=Care People
+MAILCHIMP_REPLY_TO=support@yourdomain.com
+OTP_DEV_MODE=false
+```
+Notes:
+- Keep `OTP_DEV_MODE=true` until your Mailchimp setup is verified.
+- Once real sending works, switch it to `false`.
+- If `MAILCHIMP_TRANSACTIONAL_ENABLED=false`, the backend stays in dev fallback mode and returns OTP in the API response.
+## Step 8: Restart and test the backend
+From [backend](/c:/Users/mkhan/Documents/Projects/carePeople/backend):
+```powershell
+npm run dev
+```
+Then test:
+1. Import [care_people.postman_collection.json](/c:/Users/mkhan/Documents/Projects/carePeople/backend/postman/care_people.postman_collection.json)
+2. Set `patientEmail` to a mailbox you can receive
+3. Run `Send Patient OTP`
+4. Confirm the OTP email arrives
+5. Run `Verify Patient OTP`
+## Step 9: Test your API key directly
+Mailchimp's Quick Start recommends testing with `/users/ping`.
+PowerShell example:
+```powershell
+$body = @{
+  key = "YOUR_API_KEY"
+} | ConvertTo-Json
+Invoke-RestMethod `
+  -Method Post `
+  -Uri "https://mandrillapp.com/api/1.0/users/ping" `
+  -ContentType "application/json" `
+  -Body $body
+```
+Expected result:
+```text
+PONG!
+```
+Official doc:
+- https://mailchimp.com/developer/transactional/guides/quick-start/
+## Email templates
+Current status in this repo:
+- the backend currently sends OTP using inline HTML/text
+- Mailchimp templates are optional right now
+- you can still prepare templates now, then we can wire the backend to them in a follow-up step
+Mailchimp's Transactional API supports both:
+- classic Transactional templates via `/templates/...`
+- Mailchimp Transactional templates via `/mctemplates/...`
+The API reference also lists:
+- `/messages/send-template`
+- `/messages/send-mc-template`
+Official doc:
+- https://mailchimp.com/developer/transactional/api/messages/send-using-mailchimp-template/
+- https://mailchimp.com/developer/transactional/api/templates/list-templates/
+## Recommended OTP template variables
+If you want us to switch to templates later, create the template around these variables:
+- `OTP_CODE`
+- `OTP_MINUTES`
+- `APP_NAME`
+- `SUPPORT_EMAIL`
+Suggested subject:
+```text
+Your Care People OTP is *|OTP_CODE|*
+```
+Suggested body:
+```html
+<div style="font-family: Arial, sans-serif; color: #1f2937; line-height: 1.6;">
+  <p>Hello,</p>
+  <p>Your Care People OTP is:</p>
+  <p style="font-size: 28px; font-weight: bold; letter-spacing: 4px;">*|OTP_CODE|*</p>
+  <p>This code is valid for *|OTP_MINUTES|* minutes.</p>
+  <p>Please do not share this code with anyone.</p>
+  <p>Care People Team</p>
+</div>
+```
+## Template workflow options
+### Option A: Create templates in the Transactional app UI
+Use this when:
+- non-developers may edit email copy later
+- you want Mailchimp-managed template revisions
+After the template exists, we can update the backend to send through the Mailchimp template route instead of inline HTML.
+### Option B: Create templates through the Transactional API
+Mailchimp's API reference includes endpoints for:
+- `/templates/add`
+- `/templates/update`
+- `/templates/publish`
+- `/templates/list`
+- `/templates/render`
+Important:
+- publish the template after editing
+- Mailchimp says published content is what new sends will use
+Official doc:
+- https://mailchimp.com/developer/transactional/api/templates/list-templates/
+## Suggested naming
+Use a clear name like:
+```text
+care-people-otp-v1
+```
+That makes it easy to version later:
+- `care-people-otp-v2`
+- `care-people-welcome-v1`
+- `care-people-appointment-confirmation-v1`
+## Troubleshooting
+### API ping fails
+Likely causes:
+- wrong API key
+- key copied incorrectly
+- Transactional add-on not fully enabled yet
+Check:
+- Transactional app `Settings > API Keys`
+- the `/users/ping` test
+### OTP sends in dev mode but not through Mailchimp
+Check:
+- `MAILCHIMP_TRANSACTIONAL_ENABLED=true`
+- `MAILCHIMP_TRANSACTIONAL_API_KEY` is set
+- `MAILCHIMP_FROM_EMAIL` is set
+- `OTP_DEV_MODE=false`
+### Messages go to spam
+Check:
+- domain verified
+- domain authenticated
+- DMARC configured
+- from-address is on your own domain
+### Verification email never arrives
+Mailchimp's domain verification article suggests:
+- allow more time
+- resend to another address on the same domain
+- add `accountservices@mailchimp.com` to safe senders
+- allowlist Mailchimp IPs if your IT/mail server is strict
+Official doc:
+- https://mailchimp.com/help/verify-a-domain/
+## Recommended rollout
+1. Enable Transactional in Mailchimp.
+2. Create API key.
+3. Verify and authenticate your domain.
+4. Put real credentials in [backend/.env](/c:/Users/mkhan/Documents/Projects/carePeople/backend/.env).
+5. Keep `OTP_DEV_MODE=true` for the first test.
+6. Confirm live email delivery.
+7. Turn `OTP_DEV_MODE=false`.
+8. Optionally create and publish an OTP template.
+9. If you want, I can then switch the backend from inline HTML to template-based sending.

README.md ADDED Viewed

	@@ -0,0 +1,208 @@

+# Care People Backend
+MySQL-backed backend for the Flutter `care_people` app using:
+- Node.js + Express
+- XAMPP MariaDB/MySQL
+- JWT auth with 2-day refresh sessions
+- Dev OTP flow for patient login
+- Mailchimp Transactional-ready email OTP delivery
+## Local setup
+This backend is already configured for your current XAMPP setup:
+- Host: `127.0.0.1`
+- Port: `3306`
+- Database: `care_people`
+- User: `root`
+- Password: empty
+Start from [backend/.env](/c:/Users/mkhan/Documents/Projects/carePeople/backend/.env).
+Mailchimp email settings:
+- `MAILCHIMP_TRANSACTIONAL_ENABLED`
+- `MAILCHIMP_TRANSACTIONAL_API_KEY`
+- `MAILCHIMP_FROM_EMAIL`
+- `MAILCHIMP_FROM_NAME`
+- `MAILCHIMP_REPLY_TO`
+Groq AI settings:
+- `GROQ_API_KEY`
+- `GROQ_MODEL`
+For OTP, use `Mailchimp Transactional` (Mandrill API), not the regular Mailchimp marketing campaign API.
+Full setup guide:
+- [MAILCHIMP_SETUP.md](/c:/Users/mkhan/Documents/Projects/carePeople/backend/MAILCHIMP_SETUP.md)
+## Commands
+Run these inside [backend](/c:/Users/mkhan/Documents/Projects/carePeople/backend):
+```powershell
+npm install
+npm run db:init
+npm run db:seed
+npm run dev
+```
+Health check:
+```powershell
+Invoke-RestMethod http://localhost:3000/health
+```
+## Backend plan
+1. Move storage from local Flutter JSON and `SharedPreferences` into MySQL.
+2. Keep the current product flow intact: patient OTP login, patient profile, doctor login, doctor discovery, appointments, prescriptions.
+3. Send patient OTP through email, with a dev fallback until Mailchimp credentials are added.
+4. Preserve appointment history in MySQL by marking completed rows instead of deleting them.
+5. Add a Postman collection so every route is testable before app integration.
+## API list
+### Auth
+- `POST /api/v1/auth/patient/send-otp`
+- `POST /api/v1/auth/patient/verify-otp`
+- `POST /api/v1/auth/doctor/login`
+- `POST /api/v1/auth/refresh`
+- `POST /api/v1/auth/logout`
+### AI
+- `POST /api/v1/ai/patient-suggestion`
+- `POST /api/v1/ai/doctor-assistant`
+### Patients
+- `GET /api/v1/patients/me`
+- `PUT /api/v1/patients/me`
+### Doctors
+- `GET /api/v1/doctors`
+- `GET /api/v1/doctors/:doctorId`
+### Appointments
+- `GET /api/v1/appointments/doctor/:doctorId/availability?date=YYYY-MM-DD`
+- `GET /api/v1/appointments/patient/me`
+- `GET /api/v1/appointments/doctor/me`
+- `POST /api/v1/appointments`
+- `PATCH /api/v1/appointments/:appointmentId/status`
+### Prescriptions
+- `GET /api/v1/prescriptions/patient/me`
+- `GET /api/v1/prescriptions/doctor/me`
+- `POST /api/v1/prescriptions`
+## Example request JSON
+### Send patient OTP
+```json
+{
+  "phoneNumber": "01712345678",
+  "email": "patient@example.com"
+}
+```
+### Save patient profile
+```json
+{
+  "email": "patient@example.com",
+  "name": "Md Rahim",
+  "dateOfBirth": "1998-02-14",
+  "address": "Dhaka, Bangladesh",
+  "gender": "Male"
+}
+```
+### Create appointment
+```json
+{
+  "doctorId": "DOC001",
+  "date": "2026-04-06",
+  "timeSlot": "09:00 AM",
+  "notes": "Chest pain for 2 days"
+}
+```
+### Create prescription
+```json
+{
+  "appointmentId": 1,
+  "diagnosis": [
+    "Hypertension",
+    "Chest discomfort"
+  ],
+  "medicines": [
+    {
+      "name": "Amlodipine",
+      "dosage": "5 mg",
+      "frequency": "Once daily",
+      "duration": "30 days",
+      "notes": "After breakfast"
+    }
+  ],
+  "additionalNotes": "Reduce salt intake",
+  "pdfPath": null
+}
+```
+### Patient AI suggestion
+```json
+{
+  "symptoms": "Fever, sore throat, and body pain since last night",
+  "severity": "Medium"
+}
+```
+### Doctor AI assistant
+```json
+{
+  "goal": "Consult Note",
+  "input": "52 year old with chest discomfort for 2 days, no syncope, mild dizziness, blood pressure not yet recorded."
+}
+```
+## Postman
+Collection JSON:
+- [care_people.postman_collection.json](/c:/Users/mkhan/Documents/Projects/carePeople/backend/postman/care_people.postman_collection.json)
+Import it into Postman, then run the requests in this order:
+1. `Health`
+2. `Send Patient OTP`
+3. `Verify Patient OTP`
+4. `Save Patient Profile`
+5. `List Doctors`
+6. `Doctor Availability`
+7. `Create Appointment`
+8. `Patient AI Suggestion`
+9. `Doctor Login`
+10. `Doctor AI Assistant`
+11. `Create Prescription`
+## Notes
+- Doctors are seeded from [doctors.json](/c:/Users/mkhan/Documents/Projects/carePeople/assets/data/doctors.json).
+- Doctor passwords stay the same as the current Flutter asset file, but are stored hashed in MySQL.
+- The backend returns camelCase JSON to match your current Flutter models more closely.
+- Patient login now expects `phoneNumber + email`, and OTP is sent by email.
+- When `MAILCHIMP_TRANSACTIONAL_ENABLED=false`, the backend stays in dev mode and returns the OTP in the API response for testing.
+- AI guidance is generated through Groq on the backend so the API key stays server-side.

database/apply_schema.js ADDED Viewed

	@@ -0,0 +1,65 @@

+const fs = require('fs');
+const path = require('path');
+const mysql = require('mysql2/promise');
+const dotenv = require('dotenv');
+dotenv.config({ path: path.resolve(__dirname, '..', '.env') });
+async function applySchema() {
+  const connection = await mysql.createConnection({
+    host: process.env.DB_HOST || '127.0.0.1',
+    port: Number(process.env.DB_PORT || 3306),
+    user: process.env.DB_USER || 'root',
+    password: process.env.DB_PASSWORD || '',
+    multipleStatements: true,
+  });
+  try {
+    const schemaPath = path.resolve(__dirname, 'schema.sql');
+    const schemaSql = fs.readFileSync(schemaPath, 'utf8');
+    await connection.query(schemaSql);
+    await connection.query(
+      `USE \`${process.env.DB_NAME || 'care_people'}\``,
+    );
+    const [emailColumnRows] = await connection.query(`
+      SELECT COUNT(*) AS total
+      FROM information_schema.COLUMNS
+      WHERE
+        TABLE_SCHEMA = DATABASE()
+        AND TABLE_NAME = 'patients'
+        AND COLUMN_NAME = 'email'
+    `);
+    if (Number(emailColumnRows[0].total || 0) === 0) {
+      await connection.query(
+        'ALTER TABLE patients ADD COLUMN email VARCHAR(255) NULL AFTER phone_number',
+      );
+    }
+    const [emailIndexRows] = await connection.query(`
+      SELECT COUNT(*) AS total
+      FROM information_schema.STATISTICS
+      WHERE
+        TABLE_SCHEMA = DATABASE()
+        AND TABLE_NAME = 'patients'
+        AND INDEX_NAME = 'uniq_patients_email'
+    `);
+    if (Number(emailIndexRows[0].total || 0) === 0) {
+      await connection.query(
+        'ALTER TABLE patients ADD UNIQUE KEY uniq_patients_email (email)',
+      );
+    }
+    console.log('MySQL schema applied successfully.');
+  } finally {
+    await connection.end();
+  }
+}
+applySchema().catch((error) => {
+  console.error('Failed to apply MySQL schema.');
+  console.error(error);
+  process.exit(1);
+});

database/schema.sql ADDED Viewed

	@@ -0,0 +1,123 @@

+CREATE DATABASE IF NOT EXISTS care_people
+  CHARACTER SET utf8mb4
+  COLLATE utf8mb4_unicode_ci;
+USE care_people;
+CREATE TABLE IF NOT EXISTS doctors (
+  id VARCHAR(10) PRIMARY KEY,
+  name VARCHAR(100) NOT NULL,
+  department VARCHAR(50) NOT NULL,
+  designation VARCHAR(100) NOT NULL,
+  degrees VARCHAR(200) NOT NULL,
+  room_number VARCHAR(10) NOT NULL,
+  consultation_fee DECIMAL(10, 2) NOT NULL,
+  consultation_days JSON NOT NULL,
+  consultation_times VARCHAR(100) NOT NULL,
+  password_hash VARCHAR(255) NOT NULL,
+  is_active TINYINT(1) NOT NULL DEFAULT 1,
+  created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  updated_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
+) ENGINE=InnoDB;
+CREATE TABLE IF NOT EXISTS patients (
+  phone_number VARCHAR(15) PRIMARY KEY,
+  email VARCHAR(255) NULL,
+  name VARCHAR(100) NOT NULL,
+  date_of_birth DATE NOT NULL,
+  address TEXT NOT NULL,
+  gender ENUM('male', 'female', 'other') NOT NULL DEFAULT 'male',
+  created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  updated_at DATETIME NULL DEFAULT NULL,
+  UNIQUE KEY uniq_patients_email (email)
+) ENGINE=InnoDB;
+CREATE TABLE IF NOT EXISTS sessions (
+  id CHAR(36) PRIMARY KEY,
+  user_type ENUM('patient', 'doctor') NOT NULL,
+  user_identifier VARCHAR(32) NOT NULL,
+  refresh_token_hash CHAR(64) NOT NULL,
+  login_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  expires_at DATETIME NOT NULL,
+  revoked_at DATETIME NULL DEFAULT NULL,
+  metadata_json JSON NULL,
+  INDEX idx_sessions_user (user_type, user_identifier),
+  INDEX idx_sessions_expires (expires_at)
+) ENGINE=InnoDB;
+CREATE TABLE IF NOT EXISTS appointments (
+  id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
+  doctor_id VARCHAR(10) NOT NULL,
+  patient_phone VARCHAR(15) NOT NULL,
+  appointment_date DATE NOT NULL,
+  time_slot VARCHAR(20) NOT NULL,
+  serial_number INT NOT NULL,
+  status ENUM('confirmed', 'cancelled', 'completed') NOT NULL DEFAULT 'confirmed',
+  notes TEXT NULL,
+  created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  updated_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+  UNIQUE KEY uniq_appointment_slot (doctor_id, appointment_date, time_slot),
+  INDEX idx_appointments_doctor_date (doctor_id, appointment_date),
+  INDEX idx_appointments_patient_date (patient_phone, appointment_date),
+  CONSTRAINT fk_appointments_doctor
+    FOREIGN KEY (doctor_id) REFERENCES doctors(id)
+    ON DELETE RESTRICT
+    ON UPDATE CASCADE,
+  CONSTRAINT fk_appointments_patient
+    FOREIGN KEY (patient_phone) REFERENCES patients(phone_number)
+    ON DELETE RESTRICT
+    ON UPDATE CASCADE
+) ENGINE=InnoDB;
+CREATE TABLE IF NOT EXISTS prescriptions (
+  id VARCHAR(40) PRIMARY KEY,
+  doctor_id VARCHAR(10) NOT NULL,
+  patient_phone VARCHAR(15) NOT NULL,
+  appointment_id BIGINT UNSIGNED NULL,
+  appointment_date DATE NOT NULL,
+  issued_at DATETIME NOT NULL,
+  additional_notes TEXT NULL,
+  pdf_path VARCHAR(500) NULL,
+  created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  INDEX idx_prescriptions_doctor_issue (doctor_id, issued_at),
+  INDEX idx_prescriptions_patient_issue (patient_phone, issued_at),
+  CONSTRAINT fk_prescriptions_doctor
+    FOREIGN KEY (doctor_id) REFERENCES doctors(id)
+    ON DELETE RESTRICT
+    ON UPDATE CASCADE,
+  CONSTRAINT fk_prescriptions_patient
+    FOREIGN KEY (patient_phone) REFERENCES patients(phone_number)
+    ON DELETE RESTRICT
+    ON UPDATE CASCADE,
+  CONSTRAINT fk_prescriptions_appointment
+    FOREIGN KEY (appointment_id) REFERENCES appointments(id)
+    ON DELETE SET NULL
+    ON UPDATE CASCADE
+) ENGINE=InnoDB;
+CREATE TABLE IF NOT EXISTS prescription_diagnoses (
+  id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
+  prescription_id VARCHAR(40) NOT NULL,
+  diagnosis_text TEXT NOT NULL,
+  sort_order INT NOT NULL DEFAULT 0,
+  INDEX idx_prescription_diagnoses_rx (prescription_id, sort_order),
+  CONSTRAINT fk_prescription_diagnoses_prescription
+    FOREIGN KEY (prescription_id) REFERENCES prescriptions(id)
+    ON DELETE CASCADE
+    ON UPDATE CASCADE
+) ENGINE=InnoDB;
+CREATE TABLE IF NOT EXISTS prescribed_medicines (
+  id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
+  prescription_id VARCHAR(40) NOT NULL,
+  name VARCHAR(200) NOT NULL,
+  dosage VARCHAR(100) NOT NULL,
+  frequency VARCHAR(100) NOT NULL,
+  duration VARCHAR(100) NOT NULL,
+  notes TEXT NULL,
+  INDEX idx_prescribed_medicines_rx (prescription_id),
+  CONSTRAINT fk_prescribed_medicines_prescription
+    FOREIGN KEY (prescription_id) REFERENCES prescriptions(id)
+    ON DELETE CASCADE
+    ON UPDATE CASCADE
+) ENGINE=InnoDB;

database/seed_doctors.js ADDED Viewed

	@@ -0,0 +1,86 @@

+const fs = require('fs');
+const path = require('path');
+const bcrypt = require('bcryptjs');
+const mysql = require('mysql2/promise');
+const dotenv = require('dotenv');
+dotenv.config({ path: path.resolve(__dirname, '..', '.env') });
+async function seedDoctors() {
+  const sourcePath = path.resolve(
+    __dirname,
+    '..',
+    '..',
+    'assets',
+    'data',
+    'doctors.json',
+  );
+  const rawFile = fs.readFileSync(sourcePath, 'utf8');
+  const doctors = JSON.parse(rawFile).doctors || [];
+  const connection = await mysql.createConnection({
+    host: process.env.DB_HOST || '127.0.0.1',
+    port: Number(process.env.DB_PORT || 3306),
+    user: process.env.DB_USER || 'root',
+    password: process.env.DB_PASSWORD || '',
+    database: process.env.DB_NAME || 'care_people',
+  });
+  try {
+    for (const doctor of doctors) {
+      const passwordHash = await bcrypt.hash(String(doctor.password), 10);
+      await connection.execute(
+        `
+          INSERT INTO doctors (
+            id,
+            name,
+            department,
+            designation,
+            degrees,
+            room_number,
+            consultation_fee,
+            consultation_days,
+            consultation_times,
+            password_hash,
+            is_active
+          ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 1)
+          ON DUPLICATE KEY UPDATE
+            name = VALUES(name),
+            department = VALUES(department),
+            designation = VALUES(designation),
+            degrees = VALUES(degrees),
+            room_number = VALUES(room_number),
+            consultation_fee = VALUES(consultation_fee),
+            consultation_days = VALUES(consultation_days),
+            consultation_times = VALUES(consultation_times),
+            password_hash = VALUES(password_hash),
+            is_active = VALUES(is_active)
+        `,
+        [
+          doctor.id,
+          doctor.name,
+          doctor.department,
+          doctor.designation,
+          doctor.degrees,
+          doctor.roomNumber,
+          doctor.consultationFee,
+          JSON.stringify(doctor.consultationDays),
+          doctor.consultationTimes,
+          passwordHash,
+        ],
+      );
+    }
+    console.log(`Seeded ${doctors.length} doctors successfully.`);
+  } finally {
+    await connection.end();
+  }
+}
+seedDoctors().catch((error) => {
+  console.error('Failed to seed doctors.');
+  console.error(error);
+  process.exit(1);
+});

package-lock.json ADDED Viewed

	@@ -0,0 +1,1470 @@

+{
+  "name": "care_people_backend",
+  "version": "1.0.0",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "care_people_backend",
+      "version": "1.0.0",
+      "license": "ISC",
+      "dependencies": {
+        "bcryptjs": "^3.0.3",
+        "cors": "^2.8.6",
+        "dotenv": "^17.3.1",
+        "express": "^5.2.1",
+        "jsonwebtoken": "^9.0.3",
+        "mysql2": "^3.20.0"
+      },
+      "devDependencies": {
+        "nodemon": "^3.1.14"
+      }
+    },
+    "node_modules/@types/node": {
+      "version": "25.5.0",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.5.0.tgz",
+      "integrity": "sha512-jp2P3tQMSxWugkCUKLRPVUpGaL5MVFwF8RDuSRztfwgN1wmqJeMSbKlnEtQqU8UrhTmzEmZdu2I6v2dpp7XIxw==",
+      "license": "MIT",
+      "peer": true,
+      "dependencies": {
+        "undici-types": "~7.18.0"
+      }
+    },
+    "node_modules/accepts": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/accepts/-/accepts-2.0.0.tgz",
+      "integrity": "sha512-5cvg6CtKwfgdmVqY1WIiXKc3Q1bkRqGLi+2W/6ao+6Y7gu/RCwRuAhGEzh5B4KlszSuTLgZYuqFqo5bImjNKng==",
+      "license": "MIT",
+      "dependencies": {
+        "mime-types": "^3.0.0",
+        "negotiator": "^1.0.0"
+      },
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/anymatch": {
+      "version": "3.1.3",
+      "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz",
+      "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "normalize-path": "^3.0.0",
+        "picomatch": "^2.0.4"
+      },
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/aws-ssl-profiles": {
+      "version": "1.1.2",
+      "resolved": "https://registry.npmjs.org/aws-ssl-profiles/-/aws-ssl-profiles-1.1.2.tgz",
+      "integrity": "sha512-NZKeq9AfyQvEeNlN0zSYAaWrmBffJh3IELMZfRpJVWgrpEbtEpnjvzqBPf+mxoI287JohRDoa+/nsfqqiZmF6g==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 6.0.0"
+      }
+    },
+    "node_modules/balanced-match": {
+      "version": "4.0.4",
+      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz",
+      "integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": "18 || 20 || >=22"
+      }
+    },
+    "node_modules/bcryptjs": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-3.0.3.tgz",
+      "integrity": "sha512-GlF5wPWnSa/X5LKM1o0wz0suXIINz1iHRLvTS+sLyi7XPbe5ycmYI3DlZqVGZZtDgl4DmasFg7gOB3JYbphV5g==",
+      "license": "BSD-3-Clause",
+      "bin": {
+        "bcrypt": "bin/bcrypt"
+      }
+    },
+    "node_modules/binary-extensions": {
+      "version": "2.3.0",
+      "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz",
+      "integrity": "sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=8"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/body-parser": {
+      "version": "2.2.2",
+      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-2.2.2.tgz",
+      "integrity": "sha512-oP5VkATKlNwcgvxi0vM0p/D3n2C3EReYVX+DNYs5TjZFn/oQt2j+4sVJtSMr18pdRr8wjTcBl6LoV+FUwzPmNA==",
+      "license": "MIT",
+      "dependencies": {
+        "bytes": "^3.1.2",
+        "content-type": "^1.0.5",
+        "debug": "^4.4.3",
+        "http-errors": "^2.0.0",
+        "iconv-lite": "^0.7.0",
+        "on-finished": "^2.4.1",
+        "qs": "^6.14.1",
+        "raw-body": "^3.0.1",
+        "type-is": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=18"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
+    "node_modules/brace-expansion": {
+      "version": "5.0.5",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.5.tgz",
+      "integrity": "sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "balanced-match": "^4.0.2"
+      },
+      "engines": {
+        "node": "18 || 20 || >=22"
+      }
+    },
+    "node_modules/braces": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
+      "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "fill-range": "^7.1.1"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/buffer-equal-constant-time": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz",
+      "integrity": "sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==",
+      "license": "BSD-3-Clause"
+    },
+    "node_modules/bytes": {
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz",
+      "integrity": "sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
+    "node_modules/call-bind-apply-helpers": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz",
+      "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==",
+      "license": "MIT",
+      "dependencies": {
+        "es-errors": "^1.3.0",
+        "function-bind": "^1.1.2"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
+    "node_modules/call-bound": {
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.4.tgz",
+      "integrity": "sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==",
+      "license": "MIT",
+      "dependencies": {
+        "call-bind-apply-helpers": "^1.0.2",
+        "get-intrinsic": "^1.3.0"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/chokidar": {
+      "version": "3.6.0",
+      "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.6.0.tgz",
+      "integrity": "sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "anymatch": "~3.1.2",
+        "braces": "~3.0.2",
+        "glob-parent": "~5.1.2",
+        "is-binary-path": "~2.1.0",
+        "is-glob": "~4.0.1",
+        "normalize-path": "~3.0.0",
+        "readdirp": "~3.6.0"
+      },
+      "engines": {
+        "node": ">= 8.10.0"
+      },
+      "funding": {
+        "url": "https://paulmillr.com/funding/"
+      },
+      "optionalDependencies": {
+        "fsevents": "~2.3.2"
+      }
+    },
+    "node_modules/content-disposition": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-1.0.1.tgz",
+      "integrity": "sha512-oIXISMynqSqm241k6kcQ5UwttDILMK4BiurCfGEREw6+X9jkkpEe5T9FZaApyLGGOnFuyMWZpdolTXMtvEJ08Q==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=18"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
+    "node_modules/content-type": {
+      "version": "1.0.5",
+      "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.5.tgz",
+      "integrity": "sha512-nTjqfcBFEipKdXCv4YDQWCfmcLZKm81ldF0pAopTvyrFGVbcR6P/VAAd5G7N+0tTr8QqiU0tFadD6FK4NtJwOA==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/cookie": {
+      "version": "0.7.2",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz",
+      "integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/cookie-signature": {
+      "version": "1.2.2",
+      "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.2.2.tgz",
+      "integrity": "sha512-D76uU73ulSXrD1UXF4KE2TMxVVwhsnCgfAyTg9k8P6KGZjlXKrOLe4dJQKI3Bxi5wjesZoFXJWElNWBjPZMbhg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.6.0"
+      }
+    },
+    "node_modules/cors": {
+      "version": "2.8.6",
+      "resolved": "https://registry.npmjs.org/cors/-/cors-2.8.6.tgz",
+      "integrity": "sha512-tJtZBBHA6vjIAaF6EnIaq6laBBP9aq/Y3ouVJjEfoHbRBcHBAHYcMh/w8LDrk2PvIMMq8gmopa5D4V8RmbrxGw==",
+      "license": "MIT",
+      "dependencies": {
+        "object-assign": "^4",
+        "vary": "^1"
+      },
+      "engines": {
+        "node": ">= 0.10"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
+    "node_modules/debug": {
+      "version": "4.4.3",
+      "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
+      "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
+      "license": "MIT",
+      "dependencies": {
+        "ms": "^2.1.3"
+      },
+      "engines": {
+        "node": ">=6.0"
+      },
+      "peerDependenciesMeta": {
+        "supports-color": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/denque": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/denque/-/denque-2.1.0.tgz",
+      "integrity": "sha512-HVQE3AAb/pxF8fQAoiqpvg9i3evqug3hoiwakOyZAwJm+6vZehbkYXZ0l4JxS+I3QxM97v5aaRNhj8v5oBhekw==",
+      "license": "Apache-2.0",
+      "engines": {
+        "node": ">=0.10"
+      }
+    },
+    "node_modules/depd": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
+      "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
+    "node_modules/dotenv": {
+      "version": "17.3.1",
+      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-17.3.1.tgz",
+      "integrity": "sha512-IO8C/dzEb6O3F9/twg6ZLXz164a2fhTnEWb95H23Dm4OuN+92NmEAlTrupP9VW6Jm3sO26tQlqyvyi4CsnY9GA==",
+      "license": "BSD-2-Clause",
+      "engines": {
+        "node": ">=12"
+      },
+      "funding": {
+        "url": "https://dotenvx.com"
+      }
+    },
+    "node_modules/dunder-proto": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz",
+      "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==",
+      "license": "MIT",
+      "dependencies": {
+        "call-bind-apply-helpers": "^1.0.1",
+        "es-errors": "^1.3.0",
+        "gopd": "^1.2.0"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
+    "node_modules/ecdsa-sig-formatter": {
+      "version": "1.0.11",
+      "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz",
+      "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==",
+      "license": "Apache-2.0",
+      "dependencies": {
+        "safe-buffer": "^5.0.1"
+      }
+    },
+    "node_modules/ee-first": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz",
+      "integrity": "sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==",
+      "license": "MIT"
+    },
+    "node_modules/encodeurl": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-2.0.0.tgz",
+      "integrity": "sha512-Q0n9HRi4m6JuGIV1eFlmvJB7ZEVxu93IrMyiMsGC0lrMJMWzRgx6WGquyfQgZVb31vhGgXnfmPNNXmxnOkRBrg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
+    "node_modules/es-define-property": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz",
+      "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
+    "node_modules/es-errors": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz",
+      "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
+    "node_modules/es-object-atoms": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz",
+      "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==",
+      "license": "MIT",
+      "dependencies": {
+        "es-errors": "^1.3.0"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
+    "node_modules/escape-html": {
+      "version": "1.0.3",
+      "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz",
+      "integrity": "sha512-NiSupZ4OeuGwr68lGIeym/ksIZMJodUGOSCZ/FSnTxcrekbvqrgdUxlJOMpijaKZVjAJrWrGs/6Jy8OMuyj9ow==",
+      "license": "MIT"
+    },
+    "node_modules/etag": {
+      "version": "1.8.1",
+      "resolved": "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz",
+      "integrity": "sha512-aIL5Fx7mawVa300al2BnEE4iNvo1qETxLrPI/o05L7z6go7fCw1J6EQmbK4FmJ2AS7kgVF/KEZWufBfdClMcPg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/express": {
+      "version": "5.2.1",
+      "resolved": "https://registry.npmjs.org/express/-/express-5.2.1.tgz",
+      "integrity": "sha512-hIS4idWWai69NezIdRt2xFVofaF4j+6INOpJlVOLDO8zXGpUVEVzIYk12UUi2JzjEzWL3IOAxcTubgz9Po0yXw==",
+      "license": "MIT",
+      "dependencies": {
+        "accepts": "^2.0.0",
+        "body-parser": "^2.2.1",
+        "content-disposition": "^1.0.0",
+        "content-type": "^1.0.5",
+        "cookie": "^0.7.1",
+        "cookie-signature": "^1.2.1",
+        "debug": "^4.4.0",
+        "depd": "^2.0.0",
+        "encodeurl": "^2.0.0",
+        "escape-html": "^1.0.3",
+        "etag": "^1.8.1",
+        "finalhandler": "^2.1.0",
+        "fresh": "^2.0.0",
+        "http-errors": "^2.0.0",
+        "merge-descriptors": "^2.0.0",
+        "mime-types": "^3.0.0",
+        "on-finished": "^2.4.1",
+        "once": "^1.4.0",
+        "parseurl": "^1.3.3",
+        "proxy-addr": "^2.0.7",
+        "qs": "^6.14.0",
+        "range-parser": "^1.2.1",
+        "router": "^2.2.0",
+        "send": "^1.1.0",
+        "serve-static": "^2.2.0",
+        "statuses": "^2.0.1",
+        "type-is": "^2.0.1",
+        "vary": "^1.1.2"
+      },
+      "engines": {
+        "node": ">= 18"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
+    "node_modules/fill-range": {
+      "version": "7.1.1",
+      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
+      "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "to-regex-range": "^5.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/finalhandler": {
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-2.1.1.tgz",
+      "integrity": "sha512-S8KoZgRZN+a5rNwqTxlZZePjT/4cnm0ROV70LedRHZ0p8u9fRID0hJUZQpkKLzro8LfmC8sx23bY6tVNxv8pQA==",
+      "license": "MIT",
+      "dependencies": {
+        "debug": "^4.4.0",
+        "encodeurl": "^2.0.0",
+        "escape-html": "^1.0.3",
+        "on-finished": "^2.4.1",
+        "parseurl": "^1.3.3",
+        "statuses": "^2.0.1"
+      },
+      "engines": {
+        "node": ">= 18.0.0"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
+    "node_modules/forwarded": {
+      "version": "0.2.0",
+      "resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.2.0.tgz",
+      "integrity": "sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/fresh": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/fresh/-/fresh-2.0.0.tgz",
+      "integrity": "sha512-Rx/WycZ60HOaqLKAi6cHRKKI7zxWbJ31MhntmtwMoaTeF7XFH9hhBp8vITaMidfljRQ6eYWCKkaTK+ykVJHP2A==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
+    "node_modules/fsevents": {
+      "version": "2.3.3",
+      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz",
+      "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==",
+      "dev": true,
+      "hasInstallScript": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
+      }
+    },
+    "node_modules/function-bind": {
+      "version": "1.1.2",
+      "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz",
+      "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==",
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/generate-function": {
+      "version": "2.3.1",
+      "resolved": "https://registry.npmjs.org/generate-function/-/generate-function-2.3.1.tgz",
+      "integrity": "sha512-eeB5GfMNeevm/GRYq20ShmsaGcmI81kIX2K9XQx5miC8KdHaC6Jm0qQ8ZNeGOi7wYB8OsdxKs+Y2oVuTFuVwKQ==",
+      "license": "MIT",
+      "dependencies": {
+        "is-property": "^1.0.2"
+      }
+    },
+    "node_modules/get-intrinsic": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz",
+      "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==",
+      "license": "MIT",
+      "dependencies": {
+        "call-bind-apply-helpers": "^1.0.2",
+        "es-define-property": "^1.0.1",
+        "es-errors": "^1.3.0",
+        "es-object-atoms": "^1.1.1",
+        "function-bind": "^1.1.2",
+        "get-proto": "^1.0.1",
+        "gopd": "^1.2.0",
+        "has-symbols": "^1.1.0",
+        "hasown": "^2.0.2",
+        "math-intrinsics": "^1.1.0"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/get-proto": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz",
+      "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==",
+      "license": "MIT",
+      "dependencies": {
+        "dunder-proto": "^1.0.1",
+        "es-object-atoms": "^1.0.0"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
+    "node_modules/glob-parent": {
+      "version": "5.1.2",
+      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
+      "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "is-glob": "^4.0.1"
+      },
+      "engines": {
+        "node": ">= 6"
+      }
+    },
+    "node_modules/gopd": {
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz",
+      "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/has-flag": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
+      "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/has-symbols": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz",
+      "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/hasown": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz",
+      "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==",
+      "license": "MIT",
+      "dependencies": {
+        "function-bind": "^1.1.2"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
+    "node_modules/http-errors": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz",
+      "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==",
+      "license": "MIT",
+      "dependencies": {
+        "depd": "~2.0.0",
+        "inherits": "~2.0.4",
+        "setprototypeof": "~1.2.0",
+        "statuses": "~2.0.2",
+        "toidentifier": "~1.0.1"
+      },
+      "engines": {
+        "node": ">= 0.8"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
+    "node_modules/iconv-lite": {
+      "version": "0.7.2",
+      "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.7.2.tgz",
+      "integrity": "sha512-im9DjEDQ55s9fL4EYzOAv0yMqmMBSZp6G0VvFyTMPKWxiSBHUj9NW/qqLmXUwXrrM7AvqSlTCfvqRb0cM8yYqw==",
+      "license": "MIT",
+      "dependencies": {
+        "safer-buffer": ">= 2.1.2 < 3.0.0"
+      },
+      "engines": {
+        "node": ">=0.10.0"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
+    "node_modules/ignore-by-default": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/ignore-by-default/-/ignore-by-default-1.0.1.tgz",
+      "integrity": "sha512-Ius2VYcGNk7T90CppJqcIkS5ooHUZyIQK+ClZfMfMNFEF9VSE73Fq+906u/CWu92x4gzZMWOwfFYckPObzdEbA==",
+      "dev": true,
+      "license": "ISC"
+    },
+    "node_modules/inherits": {
+      "version": "2.0.4",
+      "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
+      "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==",
+      "license": "ISC"
+    },
+    "node_modules/ipaddr.js": {
+      "version": "1.9.1",
+      "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
+      "integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.10"
+      }
+    },
+    "node_modules/is-binary-path": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz",
+      "integrity": "sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "binary-extensions": "^2.0.0"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/is-extglob": {
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz",
+      "integrity": "sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/is-glob": {
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz",
+      "integrity": "sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "is-extglob": "^2.1.1"
+      },
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/is-number": {
+      "version": "7.0.0",
+      "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz",
+      "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.12.0"
+      }
+    },
+    "node_modules/is-promise": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/is-promise/-/is-promise-4.0.0.tgz",
+      "integrity": "sha512-hvpoI6korhJMnej285dSg6nu1+e6uxs7zG3BYAm5byqDsgJNWwxzM6z6iZiAgQR4TJ30JmBTOwqZUw3WlyH3AQ==",
+      "license": "MIT"
+    },
+    "node_modules/is-property": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/is-property/-/is-property-1.0.2.tgz",
+      "integrity": "sha512-Ks/IoX00TtClbGQr4TWXemAnktAQvYB7HzcCxDGqEZU6oCmb2INHuOoKxbtR+HFkmYWBKv/dOZtGRiAjDhj92g==",
+      "license": "MIT"
+    },
+    "node_modules/jsonwebtoken": {
+      "version": "9.0.3",
+      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.3.tgz",
+      "integrity": "sha512-MT/xP0CrubFRNLNKvxJ2BYfy53Zkm++5bX9dtuPbqAeQpTVe0MQTFhao8+Cp//EmJp244xt6Drw/GVEGCUj40g==",
+      "license": "MIT",
+      "dependencies": {
+        "jws": "^4.0.1",
+        "lodash.includes": "^4.3.0",
+        "lodash.isboolean": "^3.0.3",
+        "lodash.isinteger": "^4.0.4",
+        "lodash.isnumber": "^3.0.3",
+        "lodash.isplainobject": "^4.0.6",
+        "lodash.isstring": "^4.0.1",
+        "lodash.once": "^4.0.0",
+        "ms": "^2.1.1",
+        "semver": "^7.5.4"
+      },
+      "engines": {
+        "node": ">=12",
+        "npm": ">=6"
+      }
+    },
+    "node_modules/jwa": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/jwa/-/jwa-2.0.1.tgz",
+      "integrity": "sha512-hRF04fqJIP8Abbkq5NKGN0Bbr3JxlQ+qhZufXVr0DvujKy93ZCbXZMHDL4EOtodSbCWxOqR8MS1tXA5hwqCXDg==",
+      "license": "MIT",
+      "dependencies": {
+        "buffer-equal-constant-time": "^1.0.1",
+        "ecdsa-sig-formatter": "1.0.11",
+        "safe-buffer": "^5.0.1"
+      }
+    },
+    "node_modules/jws": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/jws/-/jws-4.0.1.tgz",
+      "integrity": "sha512-EKI/M/yqPncGUUh44xz0PxSidXFr/+r0pA70+gIYhjv+et7yxM+s29Y+VGDkovRofQem0fs7Uvf4+YmAdyRduA==",
+      "license": "MIT",
+      "dependencies": {
+        "jwa": "^2.0.1",
+        "safe-buffer": "^5.0.1"
+      }
+    },
+    "node_modules/lodash.includes": {
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz",
+      "integrity": "sha512-W3Bx6mdkRTGtlJISOvVD/lbqjTlPPUDTMnlXZFnVwi9NKJ6tiAk6LVdlhZMm17VZisqhKcgzpO5Wz91PCt5b0w==",
+      "license": "MIT"
+    },
+    "node_modules/lodash.isboolean": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz",
+      "integrity": "sha512-Bz5mupy2SVbPHURB98VAcw+aHh4vRV5IPNhILUCsOzRmsTmSQ17jIuqopAentWoehktxGd9e/hbIXq980/1QJg==",
+      "license": "MIT"
+    },
+    "node_modules/lodash.isinteger": {
+      "version": "4.0.4",
+      "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz",
+      "integrity": "sha512-DBwtEWN2caHQ9/imiNeEA5ys1JoRtRfY3d7V9wkqtbycnAmTvRRmbHKDV4a0EYc678/dia0jrte4tjYwVBaZUA==",
+      "license": "MIT"
+    },
+    "node_modules/lodash.isnumber": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz",
+      "integrity": "sha512-QYqzpfwO3/CWf3XP+Z+tkQsfaLL/EnUlXWVkIk5FUPc4sBdTehEqZONuyRt2P67PXAk+NXmTBcc97zw9t1FQrw==",
+      "license": "MIT"
+    },
+    "node_modules/lodash.isplainobject": {
+      "version": "4.0.6",
+      "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz",
+      "integrity": "sha512-oSXzaWypCMHkPC3NvBEaPHf0KsA5mvPrOPgQWDsbg8n7orZ290M0BmC/jgRZ4vcJ6DTAhjrsSYgdsW/F+MFOBA==",
+      "license": "MIT"
+    },
+    "node_modules/lodash.isstring": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz",
+      "integrity": "sha512-0wJxfxH1wgO3GrbuP+dTTk7op+6L41QCXbGINEmD+ny/G/eCqGzxyCsh7159S+mgDDcoarnBw6PC1PS5+wUGgw==",
+      "license": "MIT"
+    },
+    "node_modules/lodash.once": {
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz",
+      "integrity": "sha512-Sb487aTOCr9drQVL8pIxOzVhafOjZN9UU54hiN8PU3uAiSV7lx1yYNpbNmex2PK6dSJoNTSJUUswT651yww3Mg==",
+      "license": "MIT"
+    },
+    "node_modules/long": {
+      "version": "5.3.2",
+      "resolved": "https://registry.npmjs.org/long/-/long-5.3.2.tgz",
+      "integrity": "sha512-mNAgZ1GmyNhD7AuqnTG3/VQ26o760+ZYBPKjPvugO8+nLbYfX6TVpJPseBvopbdY+qpZ/lKUnmEc1LeZYS3QAA==",
+      "license": "Apache-2.0"
+    },
+    "node_modules/lru.min": {
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/lru.min/-/lru.min-1.1.4.tgz",
+      "integrity": "sha512-DqC6n3QQ77zdFpCMASA1a3Jlb64Hv2N2DciFGkO/4L9+q/IpIAuRlKOvCXabtRW6cQf8usbmM6BE/TOPysCdIA==",
+      "license": "MIT",
+      "engines": {
+        "bun": ">=1.0.0",
+        "deno": ">=1.30.0",
+        "node": ">=8.0.0"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/wellwelwel"
+      }
+    },
+    "node_modules/math-intrinsics": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz",
+      "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
+    "node_modules/media-typer": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-1.1.0.tgz",
+      "integrity": "sha512-aisnrDP4GNe06UcKFnV5bfMNPBUw4jsLGaWwWfnH3v02GnBuXX2MCVn5RbrWo0j3pczUilYblq7fQ7Nw2t5XKw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
+    "node_modules/merge-descriptors": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-2.0.0.tgz",
+      "integrity": "sha512-Snk314V5ayFLhp3fkUREub6WtjBfPdCPY1Ln8/8munuLuiYhsABgBVWsozAG+MWMbVEvcdcpbi9R7ww22l9Q3g==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=18"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/mime-db": {
+      "version": "1.54.0",
+      "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.54.0.tgz",
+      "integrity": "sha512-aU5EJuIN2WDemCcAp2vFBfp/m4EAhWJnUNSSw0ixs7/kXbd6Pg64EmwJkNdFhB8aWt1sH2CTXrLxo/iAGV3oPQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/mime-types": {
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-3.0.2.tgz",
+      "integrity": "sha512-Lbgzdk0h4juoQ9fCKXW4by0UJqj+nOOrI9MJ1sSj4nI8aI2eo1qmvQEie4VD1glsS250n15LsWsYtCugiStS5A==",
+      "license": "MIT",
+      "dependencies": {
+        "mime-db": "^1.54.0"
+      },
+      "engines": {
+        "node": ">=18"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
+    "node_modules/minimatch": {
+      "version": "10.2.5",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.5.tgz",
+      "integrity": "sha512-MULkVLfKGYDFYejP07QOurDLLQpcjk7Fw+7jXS2R2czRQzR56yHRveU5NDJEOviH+hETZKSkIk5c+T23GjFUMg==",
+      "dev": true,
+      "license": "BlueOak-1.0.0",
+      "dependencies": {
+        "brace-expansion": "^5.0.5"
+      },
+      "engines": {
+        "node": "18 || 20 || >=22"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/ms": {
+      "version": "2.1.3",
+      "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
+      "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==",
+      "license": "MIT"
+    },
+    "node_modules/mysql2": {
+      "version": "3.20.0",
+      "resolved": "https://registry.npmjs.org/mysql2/-/mysql2-3.20.0.tgz",
+      "integrity": "sha512-eCLUs7BNbgA6nf/MZXsaBO1SfGs0LtLVrJD3WeWq+jPLDWkSufTD+aGMwykfUVPdZnblaUK1a8G/P63cl9FkKg==",
+      "license": "MIT",
+      "dependencies": {
+        "aws-ssl-profiles": "^1.1.2",
+        "denque": "^2.1.0",
+        "generate-function": "^2.3.1",
+        "iconv-lite": "^0.7.2",
+        "long": "^5.3.2",
+        "lru.min": "^1.1.4",
+        "named-placeholders": "^1.1.6",
+        "sql-escaper": "^1.3.3"
+      },
+      "engines": {
+        "node": ">= 8.0"
+      },
+      "peerDependencies": {
+        "@types/node": ">= 8"
+      }
+    },
+    "node_modules/named-placeholders": {
+      "version": "1.1.6",
+      "resolved": "https://registry.npmjs.org/named-placeholders/-/named-placeholders-1.1.6.tgz",
+      "integrity": "sha512-Tz09sEL2EEuv5fFowm419c1+a/jSMiBjI9gHxVLrVdbUkkNUUfjsVYs9pVZu5oCon/kmRh9TfLEObFtkVxmY0w==",
+      "license": "MIT",
+      "dependencies": {
+        "lru.min": "^1.1.0"
+      },
+      "engines": {
+        "node": ">=8.0.0"
+      }
+    },
+    "node_modules/negotiator": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-1.0.0.tgz",
+      "integrity": "sha512-8Ofs/AUQh8MaEcrlq5xOX0CQ9ypTF5dl78mjlMNfOK08fzpgTHQRQPBxcPlEtIw0yRpws+Zo/3r+5WRby7u3Gg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/nodemon": {
+      "version": "3.1.14",
+      "resolved": "https://registry.npmjs.org/nodemon/-/nodemon-3.1.14.tgz",
+      "integrity": "sha512-jakjZi93UtB3jHMWsXL68FXSAosbLfY0In5gtKq3niLSkrWznrVBzXFNOEMJUfc9+Ke7SHWoAZsiMkNP3vq6Jw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "chokidar": "^3.5.2",
+        "debug": "^4",
+        "ignore-by-default": "^1.0.1",
+        "minimatch": "^10.2.1",
+        "pstree.remy": "^1.1.8",
+        "semver": "^7.5.3",
+        "simple-update-notifier": "^2.0.0",
+        "supports-color": "^5.5.0",
+        "touch": "^3.1.0",
+        "undefsafe": "^2.0.5"
+      },
+      "bin": {
+        "nodemon": "bin/nodemon.js"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/nodemon"
+      }
+    },
+    "node_modules/normalize-path": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz",
+      "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/object-assign": {
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
+      "integrity": "sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/object-inspect": {
+      "version": "1.13.4",
+      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.4.tgz",
+      "integrity": "sha512-W67iLl4J2EXEGTbfeHCffrjDfitvLANg0UlX3wFUUSTx92KXRFegMHUVgSqE+wvhAbi4WqjGg9czysTV2Epbew==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/on-finished": {
+      "version": "2.4.1",
+      "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz",
+      "integrity": "sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg==",
+      "license": "MIT",
+      "dependencies": {
+        "ee-first": "1.1.1"
+      },
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
+    "node_modules/once": {
+      "version": "1.4.0",
+      "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
+      "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==",
+      "license": "ISC",
+      "dependencies": {
+        "wrappy": "1"
+      }
+    },
+    "node_modules/parseurl": {
+      "version": "1.3.3",
+      "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz",
+      "integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
+    "node_modules/path-to-regexp": {
+      "version": "8.4.1",
+      "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-8.4.1.tgz",
+      "integrity": "sha512-fvU78fIjZ+SBM9YwCknCvKOUKkLVqtWDVctl0s7xIqfmfb38t2TT4ZU2gHm+Z8xGwgW+QWEU3oQSAzIbo89Ggw==",
+      "license": "MIT",
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
+    "node_modules/picomatch": {
+      "version": "2.3.2",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.2.tgz",
+      "integrity": "sha512-V7+vQEJ06Z+c5tSye8S+nHUfI51xoXIXjHQ99cQtKUkQqqO1kO/KCJUfZXuB47h/YBlDhah2H3hdUGXn8ie0oA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=8.6"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/jonschlinkert"
+      }
+    },
+    "node_modules/proxy-addr": {
+      "version": "2.0.7",
+      "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.7.tgz",
+      "integrity": "sha512-llQsMLSUDUPT44jdrU/O37qlnifitDP+ZwrmmZcoSKyLKvtZxpyV0n2/bD/N4tBAAZ/gJEdZU7KMraoK1+XYAg==",
+      "license": "MIT",
+      "dependencies": {
+        "forwarded": "0.2.0",
+        "ipaddr.js": "1.9.1"
+      },
+      "engines": {
+        "node": ">= 0.10"
+      }
+    },
+    "node_modules/pstree.remy": {
+      "version": "1.1.8",
+      "resolved": "https://registry.npmjs.org/pstree.remy/-/pstree.remy-1.1.8.tgz",
+      "integrity": "sha512-77DZwxQmxKnu3aR542U+X8FypNzbfJ+C5XQDk3uWjWxn6151aIMGthWYRXTqT1E5oJvg+ljaa2OJi+VfvCOQ8w==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/qs": {
+      "version": "6.15.0",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.15.0.tgz",
+      "integrity": "sha512-mAZTtNCeetKMH+pSjrb76NAM8V9a05I9aBZOHztWy/UqcJdQYNsf59vrRKWnojAT9Y+GbIvoTBC++CPHqpDBhQ==",
+      "license": "BSD-3-Clause",
+      "dependencies": {
+        "side-channel": "^1.1.0"
+      },
+      "engines": {
+        "node": ">=0.6"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/range-parser": {
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz",
+      "integrity": "sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/raw-body": {
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-3.0.2.tgz",
+      "integrity": "sha512-K5zQjDllxWkf7Z5xJdV0/B0WTNqx6vxG70zJE4N0kBs4LovmEYWJzQGxC9bS9RAKu3bgM40lrd5zoLJ12MQ5BA==",
+      "license": "MIT",
+      "dependencies": {
+        "bytes": "~3.1.2",
+        "http-errors": "~2.0.1",
+        "iconv-lite": "~0.7.0",
+        "unpipe": "~1.0.0"
+      },
+      "engines": {
+        "node": ">= 0.10"
+      }
+    },
+    "node_modules/readdirp": {
+      "version": "3.6.0",
+      "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-3.6.0.tgz",
+      "integrity": "sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "picomatch": "^2.2.1"
+      },
+      "engines": {
+        "node": ">=8.10.0"
+      }
+    },
+    "node_modules/router": {
+      "version": "2.2.0",
+      "resolved": "https://registry.npmjs.org/router/-/router-2.2.0.tgz",
+      "integrity": "sha512-nLTrUKm2UyiL7rlhapu/Zl45FwNgkZGaCpZbIHajDYgwlJCOzLSk+cIPAnsEqV955GjILJnKbdQC1nVPz+gAYQ==",
+      "license": "MIT",
+      "dependencies": {
+        "debug": "^4.4.0",
+        "depd": "^2.0.0",
+        "is-promise": "^4.0.0",
+        "parseurl": "^1.3.3",
+        "path-to-regexp": "^8.0.0"
+      },
+      "engines": {
+        "node": ">= 18"
+      }
+    },
+    "node_modules/safe-buffer": {
+      "version": "5.2.1",
+      "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+      "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/feross"
+        },
+        {
+          "type": "patreon",
+          "url": "https://www.patreon.com/feross"
+        },
+        {
+          "type": "consulting",
+          "url": "https://feross.org/support"
+        }
+      ],
+      "license": "MIT"
+    },
+    "node_modules/safer-buffer": {
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
+      "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==",
+      "license": "MIT"
+    },
+    "node_modules/semver": {
+      "version": "7.7.4",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.4.tgz",
+      "integrity": "sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA==",
+      "license": "ISC",
+      "bin": {
+        "semver": "bin/semver.js"
+      },
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/send": {
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/send/-/send-1.2.1.tgz",
+      "integrity": "sha512-1gnZf7DFcoIcajTjTwjwuDjzuz4PPcY2StKPlsGAQ1+YH20IRVrBaXSWmdjowTJ6u8Rc01PoYOGHXfP1mYcZNQ==",
+      "license": "MIT",
+      "dependencies": {
+        "debug": "^4.4.3",
+        "encodeurl": "^2.0.0",
+        "escape-html": "^1.0.3",
+        "etag": "^1.8.1",
+        "fresh": "^2.0.0",
+        "http-errors": "^2.0.1",
+        "mime-types": "^3.0.2",
+        "ms": "^2.1.3",
+        "on-finished": "^2.4.1",
+        "range-parser": "^1.2.1",
+        "statuses": "^2.0.2"
+      },
+      "engines": {
+        "node": ">= 18"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
+    "node_modules/serve-static": {
+      "version": "2.2.1",
+      "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-2.2.1.tgz",
+      "integrity": "sha512-xRXBn0pPqQTVQiC8wyQrKs2MOlX24zQ0POGaj0kultvoOCstBQM5yvOhAVSUwOMjQtTvsPWoNCHfPGwaaQJhTw==",
+      "license": "MIT",
+      "dependencies": {
+        "encodeurl": "^2.0.0",
+        "escape-html": "^1.0.3",
+        "parseurl": "^1.3.3",
+        "send": "^1.2.0"
+      },
+      "engines": {
+        "node": ">= 18"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
+    "node_modules/setprototypeof": {
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz",
+      "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw==",
+      "license": "ISC"
+    },
+    "node_modules/side-channel": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.1.0.tgz",
+      "integrity": "sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw==",
+      "license": "MIT",
+      "dependencies": {
+        "es-errors": "^1.3.0",
+        "object-inspect": "^1.13.3",
+        "side-channel-list": "^1.0.0",
+        "side-channel-map": "^1.0.1",
+        "side-channel-weakmap": "^1.0.2"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/side-channel-list": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/side-channel-list/-/side-channel-list-1.0.0.tgz",
+      "integrity": "sha512-FCLHtRD/gnpCiCHEiJLOwdmFP+wzCmDEkc9y7NsYxeF4u7Btsn1ZuwgwJGxImImHicJArLP4R0yX4c2KCrMrTA==",
+      "license": "MIT",
+      "dependencies": {
+        "es-errors": "^1.3.0",
+        "object-inspect": "^1.13.3"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/side-channel-map": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/side-channel-map/-/side-channel-map-1.0.1.tgz",
+      "integrity": "sha512-VCjCNfgMsby3tTdo02nbjtM/ewra6jPHmpThenkTYh8pG9ucZ/1P8So4u4FGBek/BjpOVsDCMoLA/iuBKIFXRA==",
+      "license": "MIT",
+      "dependencies": {
+        "call-bound": "^1.0.2",
+        "es-errors": "^1.3.0",
+        "get-intrinsic": "^1.2.5",
+        "object-inspect": "^1.13.3"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/side-channel-weakmap": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/side-channel-weakmap/-/side-channel-weakmap-1.0.2.tgz",
+      "integrity": "sha512-WPS/HvHQTYnHisLo9McqBHOJk2FkHO/tlpvldyrnem4aeQp4hai3gythswg6p01oSoTl58rcpiFAjF2br2Ak2A==",
+      "license": "MIT",
+      "dependencies": {
+        "call-bound": "^1.0.2",
+        "es-errors": "^1.3.0",
+        "get-intrinsic": "^1.2.5",
+        "object-inspect": "^1.13.3",
+        "side-channel-map": "^1.0.1"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/simple-update-notifier": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/simple-update-notifier/-/simple-update-notifier-2.0.0.tgz",
+      "integrity": "sha512-a2B9Y0KlNXl9u/vsW6sTIu9vGEpfKu2wRV6l1H3XEas/0gUIzGzBoP/IouTcUQbm9JWZLH3COxyn03TYlFax6w==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "semver": "^7.5.3"
+      },
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/sql-escaper": {
+      "version": "1.3.3",
+      "resolved": "https://registry.npmjs.org/sql-escaper/-/sql-escaper-1.3.3.tgz",
+      "integrity": "sha512-BsTCV265VpTp8tm1wyIm1xqQCS+Q9NHx2Sr+WcnUrgLrQ6yiDIvHYJV5gHxsj1lMBy2zm5twLaZao8Jd+S8JJw==",
+      "license": "MIT",
+      "engines": {
+        "bun": ">=1.0.0",
+        "deno": ">=2.0.0",
+        "node": ">=12.0.0"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/mysqljs/sql-escaper?sponsor=1"
+      }
+    },
+    "node_modules/statuses": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
+      "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
+    "node_modules/supports-color": {
+      "version": "5.5.0",
+      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
+      "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "has-flag": "^3.0.0"
+      },
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/to-regex-range": {
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz",
+      "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "is-number": "^7.0.0"
+      },
+      "engines": {
+        "node": ">=8.0"
+      }
+    },
+    "node_modules/toidentifier": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz",
+      "integrity": "sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.6"
+      }
+    },
+    "node_modules/touch": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/touch/-/touch-3.1.1.tgz",
+      "integrity": "sha512-r0eojU4bI8MnHr8c5bNo7lJDdI2qXlWWJk6a9EAFG7vbhTjElYhBVS3/miuE0uOuoLdb8Mc/rVfsmm6eo5o9GA==",
+      "dev": true,
+      "license": "ISC",
+      "bin": {
+        "nodetouch": "bin/nodetouch.js"
+      }
+    },
+    "node_modules/type-is": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/type-is/-/type-is-2.0.1.tgz",
+      "integrity": "sha512-OZs6gsjF4vMp32qrCbiVSkrFmXtG/AZhY3t0iAMrMBiAZyV9oALtXO8hsrHbMXF9x6L3grlFuwW2oAz7cav+Gw==",
+      "license": "MIT",
+      "dependencies": {
+        "content-type": "^1.0.5",
+        "media-typer": "^1.1.0",
+        "mime-types": "^3.0.0"
+      },
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/undefsafe": {
+      "version": "2.0.5",
+      "resolved": "https://registry.npmjs.org/undefsafe/-/undefsafe-2.0.5.tgz",
+      "integrity": "sha512-WxONCrssBM8TSPRqN5EmsjVrsv4A8X12J4ArBiiayv3DyyG3ZlIg6yysuuSYdZsVz3TKcTg2fd//Ujd4CHV1iA==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/undici-types": {
+      "version": "7.18.2",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.18.2.tgz",
+      "integrity": "sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==",
+      "license": "MIT",
+      "peer": true
+    },
+    "node_modules/unpipe": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz",
+      "integrity": "sha512-pjy2bYhSsufwWlKwPc+l3cN7+wuJlK6uz0YdJEOlQDbl6jo/YlPi4mb8agUkVC8BF7V8NuzeyPNqRksA3hztKQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
+    "node_modules/vary": {
+      "version": "1.1.2",
+      "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz",
+      "integrity": "sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
+    "node_modules/wrappy": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
+      "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==",
+      "license": "ISC"
+    }
+  }
+}

package.json ADDED Viewed

	@@ -0,0 +1,35 @@

+{
+  "name": "care_people_backend",
+  "version": "1.0.0",
+  "description": "Care People backend powered by Express and MySQL.",
+  "main": "src/server.js",
+  "scripts": {
+    "start": "node src/server.js",
+    "dev": "nodemon src/server.js",
+    "db:init": "node database/apply_schema.js",
+    "db:seed": "node database/seed_doctors.js"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/shishu25/carePeople.git"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "type": "commonjs",
+  "bugs": {
+    "url": "https://github.com/shishu25/carePeople/issues"
+  },
+  "homepage": "https://github.com/shishu25/carePeople#readme",
+  "dependencies": {
+    "bcryptjs": "^3.0.3",
+    "cors": "^2.8.6",
+    "dotenv": "^17.3.1",
+    "express": "^5.2.1",
+    "jsonwebtoken": "^9.0.3",
+    "mysql2": "^3.20.0"
+  },
+  "devDependencies": {
+    "nodemon": "^3.1.14"
+  }
+}

postman/care_people.postman_collection.json ADDED Viewed

	@@ -0,0 +1,291 @@

+{
+  "info": {
+    "name": "Care People Backend",
+    "_postman_id": "5eb7f81c-8c29-4df3-b696-7a3f3c0b1f2a",
+    "description": "Postman collection for the Care People Express + MySQL backend.",
+    "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
+  },
+  "variable": [
+    { "key": "baseUrl", "value": "http://localhost:3000" },
+    { "key": "patientPhone", "value": "01712345678" },
+    { "key": "patientEmail", "value": "patient@example.com" },
+    { "key": "patientOtp", "value": "" },
+    { "key": "patientAccessToken", "value": "" },
+    { "key": "patientRefreshToken", "value": "" },
+    { "key": "doctorId", "value": "DOC001" },
+    { "key": "doctorPassword", "value": "Kamal@1234" },
+    { "key": "doctorAccessToken", "value": "" },
+    { "key": "doctorRefreshToken", "value": "" },
+    { "key": "appointmentDate", "value": "2026-04-06" },
+    { "key": "timeSlot", "value": "09:00 AM" },
+    { "key": "aiSymptoms", "value": "Fever, sore throat, and body pain since last night" },
+    { "key": "aiSeverity", "value": "Medium" },
+    { "key": "doctorAiGoal", "value": "Consult Note" },
+    { "key": "doctorAiInput", "value": "52 year old with chest discomfort for 2 days, no syncope, mild dizziness, blood pressure not yet recorded." },
+    { "key": "appointmentId", "value": "" },
+    { "key": "prescriptionId", "value": "" }
+  ],
+  "item": [
+    {
+      "name": "Health",
+      "request": {
+        "method": "GET",
+        "url": "{{baseUrl}}/health"
+      }
+    },
+    {
+      "name": "Send Patient OTP",
+      "event": [
+        {
+          "listen": "test",
+          "script": {
+            "exec": [
+              "const data = pm.response.json().data || {};",
+              "if (data.otpCode) { pm.collectionVariables.set('patientOtp', data.otpCode); }"
+            ],
+            "type": "text/javascript"
+          }
+        }
+      ],
+      "request": {
+        "method": "POST",
+        "header": [
+          { "key": "Content-Type", "value": "application/json" }
+        ],
+        "body": {
+          "mode": "raw",
+          "raw": "{\n  \"phoneNumber\": \"{{patientPhone}}\",\n  \"email\": \"{{patientEmail}}\"\n}"
+        },
+        "url": "{{baseUrl}}/api/v1/auth/patient/send-otp"
+      }
+    },
+    {
+      "name": "Verify Patient OTP",
+      "event": [
+        {
+          "listen": "test",
+          "script": {
+            "exec": [
+              "const data = pm.response.json().data || {};",
+              "pm.collectionVariables.set('patientAccessToken', data.accessToken || '');",
+              "pm.collectionVariables.set('patientRefreshToken', data.refreshToken || '');"
+            ],
+            "type": "text/javascript"
+          }
+        }
+      ],
+      "request": {
+        "method": "POST",
+        "header": [
+          { "key": "Content-Type", "value": "application/json" }
+        ],
+        "body": {
+          "mode": "raw",
+          "raw": "{\n  \"phoneNumber\": \"{{patientPhone}}\",\n  \"email\": \"{{patientEmail}}\",\n  \"otpCode\": \"{{patientOtp}}\"\n}"
+        },
+        "url": "{{baseUrl}}/api/v1/auth/patient/verify-otp"
+      }
+    },
+    {
+      "name": "Save Patient Profile",
+      "request": {
+        "method": "PUT",
+        "header": [
+          { "key": "Content-Type", "value": "application/json" },
+          { "key": "Authorization", "value": "Bearer {{patientAccessToken}}" }
+        ],
+        "body": {
+          "mode": "raw",
+          "raw": "{\n  \"email\": \"{{patientEmail}}\",\n  \"name\": \"Md Rahim\",\n  \"dateOfBirth\": \"1998-02-14\",\n  \"address\": \"Dhaka, Bangladesh\",\n  \"gender\": \"Male\"\n}"
+        },
+        "url": "{{baseUrl}}/api/v1/patients/me"
+      }
+    },
+    {
+      "name": "List Doctors",
+      "request": {
+        "method": "GET",
+        "url": "{{baseUrl}}/api/v1/doctors"
+      }
+    },
+    {
+      "name": "Get Doctor Detail",
+      "request": {
+        "method": "GET",
+        "url": "{{baseUrl}}/api/v1/doctors/{{doctorId}}"
+      }
+    },
+    {
+      "name": "Doctor Availability",
+      "request": {
+        "method": "GET",
+        "url": "{{baseUrl}}/api/v1/appointments/doctor/{{doctorId}}/availability?date={{appointmentDate}}"
+      }
+    },
+    {
+      "name": "Create Appointment",
+      "event": [
+        {
+          "listen": "test",
+          "script": {
+            "exec": [
+              "const data = pm.response.json().data || {};",
+              "if (data.id) { pm.collectionVariables.set('appointmentId', String(data.id)); }"
+            ],
+            "type": "text/javascript"
+          }
+        }
+      ],
+      "request": {
+        "method": "POST",
+        "header": [
+          { "key": "Content-Type", "value": "application/json" },
+          { "key": "Authorization", "value": "Bearer {{patientAccessToken}}" }
+        ],
+        "body": {
+          "mode": "raw",
+          "raw": "{\n  \"doctorId\": \"{{doctorId}}\",\n  \"date\": \"{{appointmentDate}}\",\n  \"timeSlot\": \"{{timeSlot}}\",\n  \"notes\": \"Chest pain for 2 days\"\n}"
+        },
+        "url": "{{baseUrl}}/api/v1/appointments"
+      }
+    },
+    {
+      "name": "Patient AI Suggestion",
+      "request": {
+        "method": "POST",
+        "header": [
+          { "key": "Content-Type", "value": "application/json" },
+          { "key": "Authorization", "value": "Bearer {{patientAccessToken}}" }
+        ],
+        "body": {
+          "mode": "raw",
+          "raw": "{\n  \"symptoms\": \"{{aiSymptoms}}\",\n  \"severity\": \"{{aiSeverity}}\"\n}"
+        },
+        "url": "{{baseUrl}}/api/v1/ai/patient-suggestion"
+      }
+    },
+    {
+      "name": "List Patient Appointments",
+      "request": {
+        "method": "GET",
+        "header": [
+          { "key": "Authorization", "value": "Bearer {{patientAccessToken}}" }
+        ],
+        "url": "{{baseUrl}}/api/v1/appointments/patient/me"
+      }
+    },
+    {
+      "name": "Doctor Login",
+      "event": [
+        {
+          "listen": "test",
+          "script": {
+            "exec": [
+              "const data = pm.response.json().data || {};",
+              "pm.collectionVariables.set('doctorAccessToken', data.accessToken || '');",
+              "pm.collectionVariables.set('doctorRefreshToken', data.refreshToken || '');"
+            ],
+            "type": "text/javascript"
+          }
+        }
+      ],
+      "request": {
+        "method": "POST",
+        "header": [
+          { "key": "Content-Type", "value": "application/json" }
+        ],
+        "body": {
+          "mode": "raw",
+          "raw": "{\n  \"doctorId\": \"{{doctorId}}\",\n  \"password\": \"{{doctorPassword}}\"\n}"
+        },
+        "url": "{{baseUrl}}/api/v1/auth/doctor/login"
+      }
+    },
+    {
+      "name": "List Doctor Appointments",
+      "request": {
+        "method": "GET",
+        "header": [
+          { "key": "Authorization", "value": "Bearer {{doctorAccessToken}}" }
+        ],
+        "url": "{{baseUrl}}/api/v1/appointments/doctor/me"
+      }
+    },
+    {
+      "name": "Doctor AI Assistant",
+      "request": {
+        "method": "POST",
+        "header": [
+          { "key": "Content-Type", "value": "application/json" },
+          { "key": "Authorization", "value": "Bearer {{doctorAccessToken}}" }
+        ],
+        "body": {
+          "mode": "raw",
+          "raw": "{\n  \"goal\": \"{{doctorAiGoal}}\",\n  \"input\": \"{{doctorAiInput}}\"\n}"
+        },
+        "url": "{{baseUrl}}/api/v1/ai/doctor-assistant"
+      }
+    },
+    {
+      "name": "Create Prescription",
+      "event": [
+        {
+          "listen": "test",
+          "script": {
+            "exec": [
+              "const data = pm.response.json().data || {};",
+              "if (data.id) { pm.collectionVariables.set('prescriptionId', data.id); }"
+            ],
+            "type": "text/javascript"
+          }
+        }
+      ],
+      "request": {
+        "method": "POST",
+        "header": [
+          { "key": "Content-Type", "value": "application/json" },
+          { "key": "Authorization", "value": "Bearer {{doctorAccessToken}}" }
+        ],
+        "body": {
+          "mode": "raw",
+          "raw": "{\n  \"appointmentId\": {{appointmentId}},\n  \"diagnosis\": [\n    \"Hypertension\",\n    \"Chest discomfort\"\n  ],\n  \"medicines\": [\n    {\n      \"name\": \"Amlodipine\",\n      \"dosage\": \"5 mg\",\n      \"frequency\": \"Once daily\",\n      \"duration\": \"30 days\",\n      \"notes\": \"After breakfast\"\n    }\n  ],\n  \"additionalNotes\": \"Reduce salt intake\",\n  \"pdfPath\": null\n}"
+        },
+        "url": "{{baseUrl}}/api/v1/prescriptions"
+      }
+    },
+    {
+      "name": "List Patient Prescriptions",
+      "request": {
+        "method": "GET",
+        "header": [
+          { "key": "Authorization", "value": "Bearer {{patientAccessToken}}" }
+        ],
+        "url": "{{baseUrl}}/api/v1/prescriptions/patient/me"
+      }
+    },
+    {
+      "name": "List Doctor Prescriptions",
+      "request": {
+        "method": "GET",
+        "header": [
+          { "key": "Authorization", "value": "Bearer {{doctorAccessToken}}" }
+        ],
+        "url": "{{baseUrl}}/api/v1/prescriptions/doctor/me"
+      }
+    },
+    {
+      "name": "Refresh Patient Token",
+      "request": {
+        "method": "POST",
+        "header": [
+          { "key": "Content-Type", "value": "application/json" }
+        ],
+        "body": {
+          "mode": "raw",
+          "raw": "{\n  \"refreshToken\": \"{{patientRefreshToken}}\"\n}"
+        },
+        "url": "{{baseUrl}}/api/v1/auth/refresh"
+      }
+    }
+  ]
+}

src/app.js ADDED Viewed

	@@ -0,0 +1,45 @@

+const express = require('express');
+const cors = require('cors');
+const env = require('./config/env');
+const apiRoutes = require('./routes');
+const healthRoutes = require('./routes/health.routes');
+const { errorHandler, notFoundHandler } = require('./middleware/errorHandler');
+const app = express();
+const corsOptions = {
+  origin(origin, callback) {
+    if (!origin || env.frontendOrigins.length === 0) {
+      return callback(null, true);
+    }
+    if (env.frontendOrigins.includes(origin)) {
+      return callback(null, true);
+    }
+    return callback(new Error(`Origin not allowed: ${origin}`));
+  },
+};
+app.use(cors(corsOptions));
+app.use(express.json());
+app.get('/', (_req, res) => {
+  res.json({
+    success: true,
+    message: 'Care People backend is running.',
+    data: {
+      apiPrefix: '/api/v1',
+      health: '/health',
+    },
+    errorCode: null,
+  });
+});
+app.use('/health', healthRoutes);
+app.use('/api/v1', apiRoutes);
+app.use(notFoundHandler);
+app.use(errorHandler);
+module.exports = app;

src/config/db.js ADDED Viewed

	@@ -0,0 +1,42 @@

+const mysql = require('mysql2/promise');
+const env = require('./env');
+const pool = mysql.createPool({
+  host: env.dbHost,
+  port: env.dbPort,
+  user: env.dbUser,
+  password: env.dbPassword,
+  database: env.dbName,
+  waitForConnections: true,
+  connectionLimit: 10,
+  queueLimit: 0,
+  namedPlaceholders: true,
+  dateStrings: true,
+});
+async function query(sql, params = {}) {
+  const [rows] = await pool.execute(sql, params);
+  return rows;
+}
+async function withTransaction(callback) {
+  const connection = await pool.getConnection();
+  try {
+    await connection.beginTransaction();
+    const result = await callback(connection);
+    await connection.commit();
+    return result;
+  } catch (error) {
+    await connection.rollback();
+    throw error;
+  } finally {
+    connection.release();
+  }
+}
+module.exports = {
+  pool,
+  query,
+  withTransaction,
+};

src/config/env.js ADDED Viewed

	@@ -0,0 +1,52 @@

+const path = require('path');
+const dotenv = require('dotenv');
+dotenv.config({ path: path.resolve(__dirname, '..', '..', '.env') });
+function toNumber(value, fallback) {
+  const parsed = Number(value);
+  return Number.isFinite(parsed) ? parsed : fallback;
+}
+function toBoolean(value, fallback) {
+  if (value === undefined) {
+    return fallback;
+  }
+  return String(value).toLowerCase() === 'true';
+}
+const env = {
+  port: toNumber(process.env.PORT, 3000),
+  appEnv: process.env.APP_ENV || 'development',
+  frontendOrigins: (process.env.FRONTEND_ORIGINS || '')
+    .split(',')
+    .map((origin) => origin.trim())
+    .filter(Boolean),
+  dbHost: process.env.DB_HOST || '127.0.0.1',
+  dbPort: toNumber(process.env.DB_PORT, 3306),
+  dbName: process.env.DB_NAME || 'care_people',
+  dbUser: process.env.DB_USER || 'root',
+  dbPassword: process.env.DB_PASSWORD || '',
+  jwtSecret: process.env.JWT_SECRET || 'change-this-access-secret',
+  jwtRefreshSecret:
+    process.env.JWT_REFRESH_SECRET || 'change-this-refresh-secret',
+  accessTokenMinutes: toNumber(process.env.ACCESS_TOKEN_MINUTES, 60),
+  refreshTokenDays: toNumber(process.env.REFRESH_TOKEN_DAYS, 2),
+  otpDevMode: toBoolean(process.env.OTP_DEV_MODE, true),
+  otpTtlMinutes: toNumber(process.env.OTP_TTL_MINUTES, 5),
+  otpLength: toNumber(process.env.OTP_LENGTH, 6),
+  mailchimpTransactionalEnabled: toBoolean(
+    process.env.MAILCHIMP_TRANSACTIONAL_ENABLED,
+    false,
+  ),
+  mailchimpTransactionalApiKey:
+    process.env.MAILCHIMP_TRANSACTIONAL_API_KEY || '',
+  mailchimpFromEmail: process.env.MAILCHIMP_FROM_EMAIL || '',
+  mailchimpFromName: process.env.MAILCHIMP_FROM_NAME || 'Care People',
+  mailchimpReplyTo: process.env.MAILCHIMP_REPLY_TO || '',
+  groqApiKey: process.env.GROQ_API_KEY || '',
+  groqModel: process.env.GROQ_MODEL || 'llama-3.1-8b-instant',
+};
+module.exports = env;

src/middleware/auth.js ADDED Viewed

	@@ -0,0 +1,41 @@

+const HttpError = require('../utils/httpError');
+const { verifyAccessToken } = require('../utils/tokens');
+function requireAuth(expectedRole) {
+  return (req, _res, next) => {
+    const authHeader = req.headers.authorization || '';
+    if (!authHeader.startsWith('Bearer ')) {
+      return next(
+        new HttpError(401, 'Missing Bearer token.', 'AUTH_TOKEN_MISSING'),
+      );
+    }
+    try {
+      const token = authHeader.slice(7);
+      const payload = verifyAccessToken(token);
+      if (expectedRole && payload.role !== expectedRole) {
+        return next(
+          new HttpError(403, 'You are not allowed to use this route.', 'FORBIDDEN'),
+        );
+      }
+      req.auth = {
+        userType: payload.role,
+        userIdentifier: payload.sub,
+        sessionId: payload.sessionId,
+      };
+      return next();
+    } catch (_error) {
+      return next(
+        new HttpError(401, 'Invalid or expired access token.', 'AUTH_INVALID'),
+      );
+    }
+  };
+}
+module.exports = {
+  requireAuth,
+};

src/middleware/errorHandler.js ADDED Viewed

	@@ -0,0 +1,27 @@

+function notFoundHandler(req, _res, next) {
+  const error = new Error(`Route not found: ${req.method} ${req.originalUrl}`);
+  error.statusCode = 404;
+  error.errorCode = 'ROUTE_NOT_FOUND';
+  next(error);
+}
+function errorHandler(error, _req, res, _next) {
+  const statusCode = error.statusCode || 500;
+  const errorCode = error.errorCode || 'INTERNAL_ERROR';
+  if (statusCode >= 500) {
+    console.error(error);
+  }
+  res.status(statusCode).json({
+    success: false,
+    message: error.message || 'Unexpected server error.',
+    data: null,
+    errorCode,
+  });
+}
+module.exports = {
+  notFoundHandler,
+  errorHandler,
+};

src/routes/ai.routes.js ADDED Viewed

	@@ -0,0 +1,36 @@

+const express = require('express');
+const { requireAuth } = require('../middleware/auth');
+const {
+  generateDoctorAssistantDraft,
+  generatePatientSuggestion,
+} = require('../services/ai.service');
+const { sendSuccess } = require('../utils/apiResponse');
+const router = express.Router();
+router.post('/patient-suggestion', requireAuth('patient'), async (req, res) => {
+  const suggestion = await generatePatientSuggestion({
+    symptoms: req.body.symptoms,
+    severity: req.body.severity,
+  });
+  return sendSuccess(res, {
+    message: 'AI patient suggestion generated successfully.',
+    data: suggestion,
+  });
+});
+router.post('/doctor-assistant', requireAuth('doctor'), async (req, res) => {
+  const draft = await generateDoctorAssistantDraft({
+    goal: req.body.goal,
+    input: req.body.input,
+  });
+  return sendSuccess(res, {
+    message: 'AI doctor assistant draft generated successfully.',
+    data: draft,
+  });
+});
+module.exports = router;

src/routes/appointments.routes.js ADDED Viewed

	@@ -0,0 +1,80 @@

+const express = require('express');
+const { requireAuth } = require('../middleware/auth');
+const {
+  createAppointment,
+  getDoctorAvailability,
+  listDoctorAppointments,
+  listPatientAppointments,
+  updateAppointmentStatus,
+} = require('../services/appointments.service');
+const { sendSuccess } = require('../utils/apiResponse');
+const router = express.Router();
+router.get('/doctor/:doctorId/availability', async (req, res) => {
+  const availability = await getDoctorAvailability(
+    req.params.doctorId,
+    req.query.date,
+  );
+  return sendSuccess(res, {
+    message: 'Doctor availability fetched successfully.',
+    data: availability,
+  });
+});
+router.get('/patient/me', requireAuth('patient'), async (req, res) => {
+  const appointments = await listPatientAppointments(req.auth.userIdentifier);
+  return sendSuccess(res, {
+    message: 'Patient appointments fetched successfully.',
+    data: {
+      appointments,
+      total: appointments.length,
+    },
+  });
+});
+router.get('/doctor/me', requireAuth('doctor'), async (req, res) => {
+  const appointments = await listDoctorAppointments(req.auth.userIdentifier);
+  return sendSuccess(res, {
+    message: 'Doctor appointments fetched successfully.',
+    data: {
+      appointments,
+      total: appointments.length,
+    },
+  });
+});
+router.post('/', requireAuth('patient'), async (req, res) => {
+  const appointment = await createAppointment({
+    doctorId: String(req.body.doctorId || '').trim().toUpperCase(),
+    patientPhone: req.auth.userIdentifier,
+    appointmentDate: req.body.date,
+    timeSlot: req.body.timeSlot,
+    notes: req.body.notes,
+  });
+  return sendSuccess(res, {
+    status: 201,
+    message: 'Appointment created successfully.',
+    data: appointment,
+  });
+});
+router.patch('/:appointmentId/status', requireAuth('doctor'), async (req, res) => {
+  const appointment = await updateAppointmentStatus({
+    appointmentId: Number(req.params.appointmentId),
+    doctorId: req.auth.userIdentifier,
+    status: req.body.status,
+  });
+  return sendSuccess(res, {
+    message: 'Appointment status updated successfully.',
+    data: appointment,
+  });
+});
+module.exports = router;

src/routes/auth.routes.js ADDED Viewed

	@@ -0,0 +1,183 @@

+const bcrypt = require('bcryptjs');
+const express = require('express');
+const env = require('../config/env');
+const { issueSessionTokens, refreshSession, revokeSession } = require('../services/auth.service');
+const { getDoctorForLogin } = require('../services/doctors.service');
+const { getPatientByPhone, patientEmailMatches } = require('../services/patients.service');
+const { sendOtpEmail } = require('../services/mailchimp.service');
+const { createOtp, verifyOtp } = require('../utils/otpStore');
+const { sendSuccess } = require('../utils/apiResponse');
+const { maskEmail, validateEmail } = require('../utils/email');
+const HttpError = require('../utils/httpError');
+const { mapDoctor } = require('../utils/serializers');
+const { validatePhone } = require('../utils/phone');
+const router = express.Router();
+function buildPatientOtpKey(phoneNumber, email) {
+  return `${phoneNumber}:${email}`;
+}
+router.post('/patient/send-otp', async (req, res) => {
+  const phoneNumber = validatePhone(req.body.phoneNumber);
+  const email = validateEmail(req.body.email);
+  const patient = await getPatientByPhone(phoneNumber);
+  if (!patientEmailMatches(patient, email)) {
+    throw new HttpError(
+      409,
+      'This email address does not match the saved patient profile.',
+      'EMAIL_MISMATCH',
+    );
+  }
+  const otpPayload = createOtp(buildPatientOtpKey(phoneNumber, email));
+  const emailDelivery = await sendOtpEmail({
+    email,
+    otpCode: otpPayload.otpCode,
+    expiresInMinutes: env.otpTtlMinutes,
+  });
+  return sendSuccess(res, {
+    message: 'OTP sent to email successfully.',
+    data: {
+      phoneNumber,
+      email,
+      maskedEmail: maskEmail(email),
+      deliveryChannel: 'email',
+      provider: emailDelivery.provider,
+      expiresInSeconds: env.otpTtlMinutes * 60,
+      otpCode: env.otpDevMode ? otpPayload.otpCode : null,
+    },
+  });
+});
+router.post('/patient/verify-otp', async (req, res) => {
+  const phoneNumber = validatePhone(req.body.phoneNumber);
+  const email = validateEmail(req.body.email);
+  const otpCode = String(req.body.otpCode || '').trim();
+  if (!otpCode) {
+    throw new HttpError(400, 'otpCode is required.', 'OTP_REQUIRED');
+  }
+  if (!verifyOtp(buildPatientOtpKey(phoneNumber, email), otpCode)) {
+    throw new HttpError(401, 'Invalid or expired OTP.', 'OTP_INVALID');
+  }
+  const patient = await getPatientByPhone(phoneNumber);
+  if (!patientEmailMatches(patient, email)) {
+    throw new HttpError(
+      409,
+      'This email address does not match the saved patient profile.',
+      'EMAIL_MISMATCH',
+    );
+  }
+  const tokens = await issueSessionTokens({
+    userType: 'patient',
+    userIdentifier: phoneNumber,
+    metadata: {
+      phoneNumber,
+      email,
+    },
+  });
+  return sendSuccess(res, {
+    message: 'Patient logged in successfully.',
+    data: {
+      ...tokens,
+      tokenType: 'Bearer',
+      userExists: Boolean(patient),
+      patient,
+    },
+  });
+});
+router.post('/doctor/login', async (req, res) => {
+  const doctorId = String(req.body.doctorId || '').trim().toUpperCase();
+  const password = String(req.body.password || '');
+  if (!doctorId || !password) {
+    throw new HttpError(
+      400,
+      'doctorId and password are required.',
+      'LOGIN_FIELDS_REQUIRED',
+    );
+  }
+  const doctorRow = await getDoctorForLogin(doctorId);
+  if (!doctorRow || !doctorRow.is_active) {
+    throw new HttpError(
+      401,
+      'Invalid Doctor ID or password.',
+      'DOCTOR_LOGIN_FAILED',
+    );
+  }
+  const passwordMatches = await bcrypt.compare(password, doctorRow.password_hash);
+  if (!passwordMatches) {
+    throw new HttpError(
+      401,
+      'Invalid Doctor ID or password.',
+      'DOCTOR_LOGIN_FAILED',
+    );
+  }
+  const tokens = await issueSessionTokens({
+    userType: 'doctor',
+    userIdentifier: doctorRow.id,
+    metadata: {
+      doctorId: doctorRow.id,
+    },
+  });
+  return sendSuccess(res, {
+    message: 'Doctor logged in successfully.',
+    data: {
+      ...tokens,
+      tokenType: 'Bearer',
+      doctor: mapDoctor(doctorRow),
+    },
+  });
+});
+router.post('/refresh', async (req, res) => {
+  const refreshToken = String(req.body.refreshToken || '').trim();
+  if (!refreshToken) {
+    throw new HttpError(
+      400,
+      'refreshToken is required.',
+      'REFRESH_TOKEN_REQUIRED',
+    );
+  }
+  const tokens = await refreshSession(refreshToken);
+  return sendSuccess(res, {
+    message: 'Token refreshed successfully.',
+    data: {
+      ...tokens,
+      tokenType: 'Bearer',
+    },
+  });
+});
+router.post('/logout', async (req, res) => {
+  const refreshToken = String(req.body.refreshToken || '').trim();
+  if (refreshToken) {
+    await revokeSession(refreshToken);
+  }
+  return sendSuccess(res, {
+    message: 'Session logged out successfully.',
+  });
+});
+module.exports = router;

src/routes/doctors.routes.js ADDED Viewed

	@@ -0,0 +1,33 @@

+const express = require('express');
+const { getDoctorById, listDoctors } = require('../services/doctors.service');
+const { sendSuccess } = require('../utils/apiResponse');
+const router = express.Router();
+router.get('/', async (req, res) => {
+  const doctors = await listDoctors({
+    department: req.query.department,
+    search: req.query.search,
+    day: req.query.day,
+  });
+  return sendSuccess(res, {
+    message: 'Doctors fetched successfully.',
+    data: {
+      doctors,
+      total: doctors.length,
+    },
+  });
+});
+router.get('/:doctorId', async (req, res) => {
+  const doctor = await getDoctorById(req.params.doctorId);
+  return sendSuccess(res, {
+    message: 'Doctor fetched successfully.',
+    data: doctor,
+  });
+});
+module.exports = router;

src/routes/health.routes.js ADDED Viewed

	@@ -0,0 +1,19 @@

+const express = require('express');
+const { query } = require('../config/db');
+const { sendSuccess } = require('../utils/apiResponse');
+const router = express.Router();
+router.get('/', async (_req, res) => {
+  await query('SELECT 1 AS db_ok');
+  return sendSuccess(res, {
+    message: 'Care People backend is healthy.',
+    data: {
+      status: 'ok',
+      database: 'connected',
+    },
+  });
+});
+module.exports = router;

src/routes/index.js ADDED Viewed

	@@ -0,0 +1,19 @@

+const express = require('express');
+const aiRoutes = require('./ai.routes');
+const authRoutes = require('./auth.routes');
+const doctorRoutes = require('./doctors.routes');
+const patientRoutes = require('./patients.routes');
+const appointmentRoutes = require('./appointments.routes');
+const prescriptionRoutes = require('./prescriptions.routes');
+const router = express.Router();
+router.use('/ai', aiRoutes);
+router.use('/auth', authRoutes);
+router.use('/doctors', doctorRoutes);
+router.use('/patients', patientRoutes);
+router.use('/appointments', appointmentRoutes);
+router.use('/prescriptions', prescriptionRoutes);
+module.exports = router;

src/routes/patients.routes.js ADDED Viewed

	@@ -0,0 +1,36 @@

+const express = require('express');
+const { requireAuth } = require('../middleware/auth');
+const { getPatientOrThrow, upsertPatient } = require('../services/patients.service');
+const { sendSuccess } = require('../utils/apiResponse');
+const router = express.Router();
+router.use(requireAuth('patient'));
+router.get('/me', async (req, res) => {
+  const patient = await getPatientOrThrow(req.auth.userIdentifier);
+  return sendSuccess(res, {
+    message: 'Patient profile fetched successfully.',
+    data: patient,
+  });
+});
+router.put('/me', async (req, res) => {
+  const patient = await upsertPatient({
+    phoneNumber: req.auth.userIdentifier,
+    email: req.body.email,
+    name: req.body.name,
+    dateOfBirth: req.body.dateOfBirth,
+    address: req.body.address,
+    gender: req.body.gender,
+  });
+  return sendSuccess(res, {
+    message: 'Patient profile saved successfully.',
+    data: patient,
+  });
+});
+module.exports = router;

src/routes/prescriptions.routes.js ADDED Viewed

	@@ -0,0 +1,54 @@

+const express = require('express');
+const { requireAuth } = require('../middleware/auth');
+const {
+  createPrescription,
+  listDoctorPrescriptions,
+  listPatientPrescriptions,
+} = require('../services/prescriptions.service');
+const { sendSuccess } = require('../utils/apiResponse');
+const router = express.Router();
+router.get('/patient/me', requireAuth('patient'), async (req, res) => {
+  const prescriptions = await listPatientPrescriptions(req.auth.userIdentifier);
+  return sendSuccess(res, {
+    message: 'Patient prescriptions fetched successfully.',
+    data: {
+      prescriptions,
+      total: prescriptions.length,
+    },
+  });
+});
+router.get('/doctor/me', requireAuth('doctor'), async (req, res) => {
+  const prescriptions = await listDoctorPrescriptions(req.auth.userIdentifier);
+  return sendSuccess(res, {
+    message: 'Doctor prescriptions fetched successfully.',
+    data: {
+      prescriptions,
+      total: prescriptions.length,
+    },
+  });
+});
+router.post('/', requireAuth('doctor'), async (req, res) => {
+  const prescription = await createPrescription({
+    doctorId: req.auth.userIdentifier,
+    appointmentId: Number(req.body.appointmentId),
+    diagnosis: req.body.diagnosis,
+    medicines: req.body.medicines,
+    additionalNotes: req.body.additionalNotes,
+    pdfPath: req.body.pdfPath,
+  });
+  return sendSuccess(res, {
+    status: 201,
+    message: 'Prescription created successfully.',
+    data: prescription,
+  });
+});
+module.exports = router;

src/server.js ADDED Viewed

	@@ -0,0 +1,19 @@

+const app = require('./app');
+const env = require('./config/env');
+const { query } = require('./config/db');
+async function startServer() {
+  await query('SELECT 1 AS db_ok');
+  app.listen(env.port, () => {
+    console.log(
+      `Care People backend listening on http://localhost:${env.port}`,
+    );
+  });
+}
+startServer().catch((error) => {
+  console.error('Failed to start the backend server.');
+  console.error(error);
+  process.exit(1);
+});

src/services/ai.service.js ADDED Viewed

	@@ -0,0 +1,342 @@

+const env = require('../config/env');
+const HttpError = require('../utils/httpError');
+const GROQ_CHAT_COMPLETIONS_URL =
+  'https://api.groq.com/openai/v1/chat/completions';
+const PATIENT_URGENCY_LEVELS = new Set(['routine', 'priority', 'emergency']);
+const DOCTOR_GOALS = new Set([
+  'Consult Note',
+  'Follow-up Advice',
+  'Prescription Check',
+]);
+function requireGroqConfig() {
+  if (!env.groqApiKey) {
+    throw new HttpError(
+      500,
+      'Groq API is not configured on the server.',
+      'AI_PROVIDER_NOT_CONFIGURED',
+    );
+  }
+}
+function normalizeSeverity(value) {
+  const normalized = String(value || '').trim().toLowerCase();
+  if (normalized === 'mild') {
+    return 'Mild';
+  }
+  if (normalized === 'medium') {
+    return 'Medium';
+  }
+  if (normalized === 'high') {
+    return 'High';
+  }
+  throw new HttpError(
+    400,
+    'Severity must be Mild, Medium, or High.',
+    'INVALID_SEVERITY',
+  );
+}
+function normalizeDoctorGoal(value) {
+  const goal = String(value || '').trim();
+  if (!DOCTOR_GOALS.has(goal)) {
+    throw new HttpError(
+      400,
+      'Goal must be Consult Note, Follow-up Advice, or Prescription Check.',
+      'INVALID_AI_GOAL',
+    );
+  }
+  return goal;
+}
+function parseJsonResponse(rawContent) {
+  let content = String(rawContent || '').trim();
+  if (!content) {
+    return null;
+  }
+  const fencedMatch = content.match(/^```(?:json)?\s*([\s\S]*?)\s*```$/i);
+  if (fencedMatch) {
+    content = fencedMatch[1].trim();
+  }
+  try {
+    return JSON.parse(content);
+  } catch (_error) {
+    const objectStart = content.indexOf('{');
+    const objectEnd = content.lastIndexOf('}');
+    if (objectStart === -1 || objectEnd <= objectStart) {
+      return null;
+    }
+    try {
+      return JSON.parse(content.slice(objectStart, objectEnd + 1));
+    } catch (_innerError) {
+      return null;
+    }
+  }
+}
+function normalizeStringList(value, fallback) {
+  if (!Array.isArray(value)) {
+    return fallback;
+  }
+  const items = value
+    .map((item) => String(item || '').trim())
+    .filter(Boolean)
+    .slice(0, 5);
+  return items.length > 0 ? items : fallback;
+}
+function inferPatientUrgency(symptoms, severity) {
+  const normalizedSymptoms = symptoms.toLowerCase();
+  const emergencyKeywords = [
+    'chest pain',
+    'shortness of breath',
+    'trouble breathing',
+    'stroke',
+    'seizure',
+    'heavy bleeding',
+    'passed out',
+    'unconscious',
+  ];
+  if (
+    severity === 'High' ||
+    emergencyKeywords.some((keyword) => normalizedSymptoms.includes(keyword))
+  ) {
+    return 'emergency';
+  }
+  const priorityKeywords = ['fever', 'vomit', 'pain', 'dizzy', 'infection'];
+  if (
+    severity === 'Medium' ||
+    priorityKeywords.some((keyword) => normalizedSymptoms.includes(keyword))
+  ) {
+    return 'priority';
+  }
+  return 'routine';
+}
+function normalizeUrgency(value, fallback) {
+  const urgency = String(value || '').trim().toLowerCase();
+  return PATIENT_URGENCY_LEVELS.has(urgency) ? urgency : fallback;
+}
+function buildPatientFallback(urgencyLevel) {
+  if (urgencyLevel === 'emergency') {
+    return {
+      headline: 'Get urgent medical help now',
+      recommendation:
+        'Your symptom description may need urgent attention. Use Emergency Service in the app or seek immediate medical care.',
+      nextSteps: [
+        'Do not delay getting urgent help.',
+        'Use the Emergency Service contact or go to the nearest emergency facility.',
+        'Avoid self-medicating while symptoms are severe or worsening.',
+      ],
+    };
+  }
+  if (urgencyLevel === 'priority') {
+    return {
+      headline: 'Book a doctor visit soon',
+      recommendation:
+        'A prompt doctor review is recommended. Monitor symptoms closely and book an appointment through the app.',
+      nextSteps: [
+        'Book an appointment as soon as possible.',
+        'Rest, hydrate, and note any new or worsening symptoms.',
+        'Use Emergency Service if you feel unsafe or symptoms become severe.',
+      ],
+    };
+  }
+  return {
+    headline: 'Monitor and arrange routine care',
+    recommendation:
+      'This sounds more suitable for routine follow-up. Keep monitoring symptoms and arrange a standard appointment if they persist.',
+    nextSteps: [
+      'Rest and keep fluids up.',
+      'Track symptoms for changes over the next 24 to 48 hours.',
+      'Book a routine appointment if symptoms continue or worsen.',
+    ],
+  };
+}
+async function requestGroqCompletion(messages) {
+  requireGroqConfig();
+  const response = await fetch(GROQ_CHAT_COMPLETIONS_URL, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      Authorization: `Bearer ${env.groqApiKey}`,
+    },
+    body: JSON.stringify({
+      model: env.groqModel,
+      temperature: 0.2,
+      max_completion_tokens: 700,
+      messages,
+    }),
+  });
+  const payload = await response.json().catch(() => null);
+  if (!response.ok) {
+    throw new HttpError(
+      502,
+      payload?.error?.message ||
+        payload?.message ||
+        'Groq AI request failed.',
+      'AI_PROVIDER_ERROR',
+    );
+  }
+  const content = payload?.choices?.[0]?.message?.content;
+  if (!content || !String(content).trim()) {
+    throw new HttpError(
+      502,
+      'Groq AI returned an empty response.',
+      'AI_EMPTY_RESPONSE',
+    );
+  }
+  return String(content).trim();
+}
+async function generatePatientSuggestion({ symptoms, severity }) {
+  const symptomText = String(symptoms || '').trim();
+  const normalizedSeverity = normalizeSeverity(severity);
+  if (symptomText.length < 6) {
+    throw new HttpError(
+      400,
+      'Please describe the symptoms in a little more detail.',
+      'SYMPTOMS_TOO_SHORT',
+    );
+  }
+  const content = await requestGroqCompletion([
+    {
+      role: 'system',
+      content: [
+        'You are the Care People patient triage assistant.',
+        'Provide brief, careful health guidance based only on the symptom description and severity.',
+        'Do not claim to diagnose, do not prescribe medication, and do not replace a clinician.',
+        'If symptoms sound severe, worsening, or potentially life-threatening, direct the patient to urgent or emergency care immediately.',
+        'Return only valid JSON with these keys:',
+        'headline, urgencyLevel, summary, recommendation, nextSteps, disclaimer.',
+        'urgencyLevel must be one of: routine, priority, emergency.',
+        'summary and recommendation should each stay under 80 words.',
+        'nextSteps must be an array of 2 to 4 concise strings.',
+      ].join(' '),
+    },
+    {
+      role: 'user',
+      content: JSON.stringify({
+        severity: normalizedSeverity,
+        symptoms: symptomText,
+      }),
+    },
+  ]);
+  const parsed = parseJsonResponse(content);
+  const fallbackUrgency = inferPatientUrgency(symptomText, normalizedSeverity);
+  const fallback = buildPatientFallback(fallbackUrgency);
+  return {
+    provider: 'groq',
+    model: env.groqModel,
+    severity: normalizedSeverity,
+    headline: String(parsed?.headline || '').trim() || fallback.headline,
+    urgencyLevel: normalizeUrgency(parsed?.urgencyLevel, fallbackUrgency),
+    summary:
+      String(parsed?.summary || '').trim() ||
+      `Symptoms reported: ${symptomText}. Severity selected: ${normalizedSeverity}.`,
+    recommendation:
+      String(parsed?.recommendation || '').trim() || fallback.recommendation,
+    nextSteps: normalizeStringList(parsed?.nextSteps, fallback.nextSteps),
+    disclaimer:
+      String(parsed?.disclaimer || '').trim() ||
+      'This is general guidance, not a diagnosis. Seek urgent medical care now if symptoms are severe, rapidly worsening, or you feel unsafe.',
+  };
+}
+async function generateDoctorAssistantDraft({ goal, input }) {
+  const normalizedGoal = normalizeDoctorGoal(goal);
+  const workingInput = String(input || '').trim();
+  if (workingInput.length < 10) {
+    throw new HttpError(
+      400,
+      'Please enter more clinical context before generating a draft.',
+      'AI_INPUT_TOO_SHORT',
+    );
+  }
+  const content = await requestGroqCompletion([
+    {
+      role: 'system',
+      content: [
+        'You are the Care People doctor drafting assistant.',
+        'Draft concise clinical text for doctors from the provided notes.',
+        'Do not invent vitals, test results, diagnoses, or medication details that are not present in the input.',
+        'Keep the draft factual and clearly action-oriented.',
+        'Return only valid JSON with these keys: title, draft, bullets, disclaimer.',
+        'bullets must be an array of 2 to 5 concise strings.',
+      ].join(' '),
+    },
+    {
+      role: 'user',
+      content: JSON.stringify({
+        goal: normalizedGoal,
+        input: workingInput,
+      }),
+    },
+  ]);
+  const parsed = parseJsonResponse(content);
+  const fallbackDraftByGoal = {
+    'Consult Note':
+      `Clinical summary based on the provided note:\n${workingInput}\n\nPlan:\n- Review symptom timeline and red flags.\n- Confirm examination findings and diagnosis.\n- Document medications and follow-up clearly.`,
+    'Follow-up Advice':
+      `Follow-up guidance:\n${workingInput}\n\nSuggested follow-up:\n- Reassess symptom progression in the advised timeframe.\n- Return earlier if red-flag symptoms develop.\n- Confirm medication adherence and review any new concerns.`,
+    'Prescription Check':
+      `Prescription safety review:\n${workingInput}\n\nChecklist:\n- Confirm dosage, frequency, and duration.\n- Add meal timing or precautions where relevant.\n- Include return precautions for worsening symptoms.`,
+  };
+  return {
+    provider: 'groq',
+    model: env.groqModel,
+    goal: normalizedGoal,
+    title: String(parsed?.title || '').trim() || `${normalizedGoal} Draft`,
+    draft:
+      String(parsed?.draft || '').trim() || fallbackDraftByGoal[normalizedGoal],
+    bullets: normalizeStringList(parsed?.bullets, [
+      'Review the draft against the actual visit details.',
+      'Add any missing examination findings or medications manually.',
+      'Make sure urgent return precautions are documented when relevant.',
+    ]),
+    disclaimer:
+      String(parsed?.disclaimer || '').trim() ||
+      'AI output is a drafting aid only. The treating doctor must review and finalize all clinical documentation.',
+  };
+}
+module.exports = {
+  generateDoctorAssistantDraft,
+  generatePatientSuggestion,
+};

src/services/appointments.service.js ADDED Viewed

	@@ -0,0 +1,277 @@

+const { query, withTransaction } = require('../config/db');
+const { normalizeDate } = require('../utils/date');
+const HttpError = require('../utils/httpError');
+const { mapAppointment, parseJsonValue } = require('../utils/serializers');
+const APPOINTMENT_SELECT = `
+  SELECT
+    a.id,
+    a.doctor_id,
+    d.name AS doctor_name,
+    d.department AS doctor_department,
+    d.designation AS doctor_designation,
+    d.degrees AS doctor_degrees,
+    a.patient_phone,
+    p.name AS patient_name,
+    a.appointment_date,
+    a.time_slot,
+    a.serial_number,
+    a.status,
+    a.notes,
+    a.created_at,
+    a.updated_at
+  FROM appointments a
+  INNER JOIN doctors d ON d.id = a.doctor_id
+  INNER JOIN patients p ON p.phone_number = a.patient_phone
+`;
+function getWeekdayLabel(dateString) {
+  const [year, month, day] = dateString.split('-').map(Number);
+  return new Date(Date.UTC(year, month - 1, day)).toLocaleDateString('en-US', {
+    weekday: 'long',
+    timeZone: 'UTC',
+  });
+}
+function normalizeStatus(status) {
+  const normalizedStatus = String(status || '').trim().toLowerCase();
+  const allowedStatuses = new Set(['confirmed', 'cancelled', 'completed']);
+  if (!allowedStatuses.has(normalizedStatus)) {
+    throw new HttpError(
+      400,
+      'Status must be confirmed, cancelled, or completed.',
+      'INVALID_STATUS',
+    );
+  }
+  return normalizedStatus;
+}
+async function getAppointmentById(appointmentId) {
+  const rows = await query(
+    `${APPOINTMENT_SELECT} WHERE a.id = :appointmentId LIMIT 1`,
+    { appointmentId },
+  );
+  if (rows.length === 0) {
+    throw new HttpError(404, 'Appointment not found.', 'APPOINTMENT_NOT_FOUND');
+  }
+  return mapAppointment(rows[0]);
+}
+async function listPatientAppointments(patientPhone) {
+  const rows = await query(
+    `${APPOINTMENT_SELECT} WHERE a.patient_phone = :patientPhone ORDER BY a.appointment_date DESC, a.time_slot ASC`,
+    { patientPhone },
+  );
+  return rows.map(mapAppointment);
+}
+async function listDoctorAppointments(doctorId) {
+  const rows = await query(
+    `${APPOINTMENT_SELECT} WHERE a.doctor_id = :doctorId ORDER BY a.appointment_date DESC, a.time_slot ASC`,
+    { doctorId },
+  );
+  return rows.map(mapAppointment);
+}
+async function getDoctorAvailability(doctorId, appointmentDate) {
+  const normalizedDate = normalizeDate(appointmentDate, 'date');
+  const rows = await query(
+    `
+      SELECT time_slot
+      FROM appointments
+      WHERE
+        doctor_id = :doctorId
+        AND appointment_date = :appointmentDate
+        AND status <> 'cancelled'
+      ORDER BY time_slot
+    `,
+    {
+      doctorId,
+      appointmentDate: normalizedDate,
+    },
+  );
+  const serialRows = await query(
+    `
+      SELECT COALESCE(MAX(serial_number), 0) + 1 AS next_serial
+      FROM appointments
+      WHERE
+        doctor_id = :doctorId
+        AND appointment_date = :appointmentDate
+    `,
+    {
+      doctorId,
+      appointmentDate: normalizedDate,
+    },
+  );
+  return {
+    doctorId,
+    date: normalizedDate,
+    bookedTimeSlots: rows.map((row) => row.time_slot),
+    nextSerialNumber: Number(serialRows[0]?.next_serial || 1),
+  };
+}
+async function createAppointment({
+  doctorId,
+  patientPhone,
+  appointmentDate,
+  timeSlot,
+  notes = null,
+}) {
+  const normalizedDate = normalizeDate(appointmentDate, 'date');
+  if (!timeSlot || !String(timeSlot).trim()) {
+    throw new HttpError(400, 'timeSlot is required.', 'INVALID_TIME_SLOT');
+  }
+  const appointmentId = await withTransaction(async (connection) => {
+    const [doctorRows] = await connection.execute(
+      `
+        SELECT
+          id,
+          consultation_days
+        FROM doctors
+        WHERE id = ? AND is_active = 1
+        LIMIT 1
+      `,
+      [doctorId],
+    );
+    if (doctorRows.length === 0) {
+      throw new HttpError(404, 'Doctor not found.', 'DOCTOR_NOT_FOUND');
+    }
+    const availableDays = parseJsonValue(doctorRows[0].consultation_days);
+    const weekdayLabel = getWeekdayLabel(normalizedDate);
+    if (!availableDays.includes(weekdayLabel)) {
+      throw new HttpError(
+        400,
+        `Doctor is not available on ${weekdayLabel}.`,
+        'DOCTOR_UNAVAILABLE',
+      );
+    }
+    const [patientRows] = await connection.execute(
+      `
+        SELECT phone_number
+        FROM patients
+        WHERE phone_number = ?
+        LIMIT 1
+      `,
+      [patientPhone],
+    );
+    if (patientRows.length === 0) {
+      throw new HttpError(404, 'Patient profile not found.', 'PATIENT_NOT_FOUND');
+    }
+    const [takenSlotRows] = await connection.execute(
+      `
+        SELECT id
+        FROM appointments
+        WHERE
+          doctor_id = ?
+          AND appointment_date = ?
+          AND time_slot = ?
+          AND status <> 'cancelled'
+        LIMIT 1
+        FOR UPDATE
+      `,
+      [doctorId, normalizedDate, String(timeSlot).trim()],
+    );
+    if (takenSlotRows.length > 0) {
+      throw new HttpError(
+        409,
+        'This time slot is already booked.',
+        'TIME_SLOT_TAKEN',
+      );
+    }
+    const [serialRows] = await connection.execute(
+      `
+        SELECT COALESCE(MAX(serial_number), 0) + 1 AS next_serial
+        FROM appointments
+        WHERE doctor_id = ? AND appointment_date = ?
+        FOR UPDATE
+      `,
+      [doctorId, normalizedDate],
+    );
+    const nextSerial = Number(serialRows[0].next_serial || 1);
+    const [result] = await connection.execute(
+      `
+        INSERT INTO appointments (
+          doctor_id,
+          patient_phone,
+          appointment_date,
+          time_slot,
+          serial_number,
+          status,
+          notes
+        ) VALUES (?, ?, ?, ?, ?, 'confirmed', ?)
+      `,
+      [
+        doctorId,
+        patientPhone,
+        normalizedDate,
+        String(timeSlot).trim(),
+        nextSerial,
+        notes ? String(notes).trim() : null,
+      ],
+    );
+    return Number(result.insertId);
+  });
+  return getAppointmentById(appointmentId);
+}
+async function updateAppointmentStatus({ appointmentId, doctorId, status }) {
+  const normalizedStatus = normalizeStatus(status);
+  const result = await query(
+    `
+      UPDATE appointments
+      SET
+        status = :status,
+        updated_at = CURRENT_TIMESTAMP
+      WHERE id = :appointmentId AND doctor_id = :doctorId
+    `,
+    {
+      appointmentId,
+      doctorId,
+      status: normalizedStatus,
+    },
+  );
+  if (result.affectedRows === 0) {
+    throw new HttpError(
+      404,
+      'Appointment not found for this doctor.',
+      'APPOINTMENT_NOT_FOUND',
+    );
+  }
+  return getAppointmentById(appointmentId);
+}
+module.exports = {
+  createAppointment,
+  getAppointmentById,
+  getDoctorAvailability,
+  listDoctorAppointments,
+  listPatientAppointments,
+  updateAppointmentStatus,
+};

src/services/auth.service.js ADDED Viewed

	@@ -0,0 +1,164 @@

+const crypto = require('crypto');
+const env = require('../config/env');
+const { query } = require('../config/db');
+const { mysqlDateTimeFromNow } = require('../utils/date');
+const HttpError = require('../utils/httpError');
+const {
+  hashToken,
+  signAccessToken,
+  signRefreshToken,
+  verifyRefreshToken,
+} = require('../utils/tokens');
+function buildTokenPayload({ userType, userIdentifier, sessionId }) {
+  const accessToken = signAccessToken({
+    userType,
+    userIdentifier,
+    sessionId,
+  });
+  const refreshToken = signRefreshToken({
+    userType,
+    userIdentifier,
+    sessionId,
+  });
+  return {
+    accessToken,
+    refreshToken,
+    expiresIn: env.accessTokenMinutes * 60,
+  };
+}
+async function issueSessionTokens({ userType, userIdentifier, metadata = null }) {
+  const sessionId = crypto.randomUUID();
+  const tokens = buildTokenPayload({
+    userType,
+    userIdentifier,
+    sessionId,
+  });
+  await query(
+    `
+      INSERT INTO sessions (
+        id,
+        user_type,
+        user_identifier,
+        refresh_token_hash,
+        expires_at,
+        metadata_json
+      ) VALUES (
+        :id,
+        :userType,
+        :userIdentifier,
+        :refreshTokenHash,
+        :expiresAt,
+        :metadataJson
+      )
+    `,
+    {
+      id: sessionId,
+      userType,
+      userIdentifier,
+      refreshTokenHash: hashToken(tokens.refreshToken),
+      expiresAt: mysqlDateTimeFromNow(env.refreshTokenDays),
+      metadataJson: metadata ? JSON.stringify(metadata) : null,
+    },
+  );
+  return tokens;
+}
+async function refreshSession(refreshToken) {
+  let payload;
+  try {
+    payload = verifyRefreshToken(refreshToken);
+  } catch (_error) {
+    throw new HttpError(
+      401,
+      'Invalid or expired refresh token.',
+      'REFRESH_INVALID',
+    );
+  }
+  const rows = await query(
+    `
+      SELECT
+        id,
+        user_type,
+        user_identifier,
+        refresh_token_hash,
+        expires_at,
+        revoked_at
+      FROM sessions
+      WHERE id = :sessionId
+      LIMIT 1
+    `,
+    { sessionId: payload.sessionId },
+  );
+  if (rows.length === 0) {
+    throw new HttpError(401, 'Session not found.', 'SESSION_NOT_FOUND');
+  }
+  const session = rows[0];
+  if (session.revoked_at) {
+    throw new HttpError(401, 'Session has been revoked.', 'SESSION_REVOKED');
+  }
+  if (hashToken(refreshToken) !== session.refresh_token_hash) {
+    throw new HttpError(401, 'Refresh token does not match.', 'REFRESH_INVALID');
+  }
+  if (new Date(session.expires_at).getTime() < Date.now()) {
+    throw new HttpError(401, 'Session has expired.', 'SESSION_EXPIRED');
+  }
+  const nextTokens = buildTokenPayload({
+    userType: session.user_type,
+    userIdentifier: session.user_identifier,
+    sessionId: session.id,
+  });
+  await query(
+    `
+      UPDATE sessions
+      SET
+        refresh_token_hash = :refreshTokenHash,
+        expires_at = :expiresAt
+      WHERE id = :sessionId
+    `,
+    {
+      refreshTokenHash: hashToken(nextTokens.refreshToken),
+      expiresAt: mysqlDateTimeFromNow(env.refreshTokenDays),
+      sessionId: session.id,
+    },
+  );
+  return nextTokens;
+}
+async function revokeSession(refreshToken) {
+  try {
+    const payload = verifyRefreshToken(refreshToken);
+    await query(
+      `
+        UPDATE sessions
+        SET revoked_at = CURRENT_TIMESTAMP
+        WHERE id = :sessionId
+      `,
+      { sessionId: payload.sessionId },
+    );
+  } catch (_error) {
+    return;
+  }
+}
+module.exports = {
+  issueSessionTokens,
+  refreshSession,
+  revokeSession,
+};

src/services/doctors.service.js ADDED Viewed

	@@ -0,0 +1,95 @@

+const { query } = require('../config/db');
+const HttpError = require('../utils/httpError');
+const { mapDoctor } = require('../utils/serializers');
+const DOCTOR_SELECT = `
+  SELECT
+    id,
+    name,
+    department,
+    designation,
+    degrees,
+    room_number,
+    consultation_fee,
+    consultation_days,
+    consultation_times,
+    is_active,
+    created_at,
+    updated_at
+  FROM doctors
+`;
+async function listDoctors({ department, search, day }) {
+  const whereClauses = ['is_active = 1'];
+  const params = {};
+  if (department) {
+    whereClauses.push('department = :department');
+    params.department = department;
+  }
+  if (search) {
+    whereClauses.push(
+      '(name LIKE :search OR department LIKE :search OR designation LIKE :search)',
+    );
+    params.search = `%${search}%`;
+  }
+  if (day) {
+    whereClauses.push('JSON_CONTAINS(consultation_days, JSON_QUOTE(:day))');
+    params.day = day;
+  }
+  const rows = await query(
+    `${DOCTOR_SELECT} WHERE ${whereClauses.join(' AND ')} ORDER BY department, name`,
+    params,
+  );
+  return rows.map(mapDoctor);
+}
+async function getDoctorById(doctorId) {
+  const rows = await query(
+    `${DOCTOR_SELECT} WHERE id = :doctorId LIMIT 1`,
+    { doctorId: String(doctorId || '').trim().toUpperCase() },
+  );
+  if (rows.length === 0) {
+    throw new HttpError(404, 'Doctor not found.', 'DOCTOR_NOT_FOUND');
+  }
+  return mapDoctor(rows[0]);
+}
+async function getDoctorForLogin(doctorId) {
+  const rows = await query(
+    `
+      SELECT
+        id,
+        name,
+        department,
+        designation,
+        degrees,
+        room_number,
+        consultation_fee,
+        consultation_days,
+        consultation_times,
+        password_hash,
+        is_active,
+        created_at,
+        updated_at
+      FROM doctors
+      WHERE id = :doctorId
+      LIMIT 1
+    `,
+    { doctorId: String(doctorId || '').trim().toUpperCase() },
+  );
+  return rows[0] || null;
+}
+module.exports = {
+  getDoctorById,
+  getDoctorForLogin,
+  listDoctors,
+};

src/services/mailchimp.service.js ADDED Viewed

	@@ -0,0 +1,115 @@

+const env = require('../config/env');
+const HttpError = require('../utils/httpError');
+async function sendOtpEmail({ email, otpCode, expiresInMinutes }) {
+  const subject = `Your Care People OTP is ${otpCode}`;
+  const text = [
+    'Hello,',
+    '',
+    `Your Care People OTP is: ${otpCode}`,
+    '',
+    `This code is valid for ${expiresInMinutes} minutes.`,
+    'Please do not share this code with anyone.',
+    '',
+    '- Care People Team',
+  ].join('\n');
+  const html = `
+    <div style="font-family: Arial, sans-serif; line-height: 1.6; color: #1f2937;">
+      <p>Hello,</p>
+      <p>Your Care People OTP is:</p>
+      <p style="font-size: 28px; font-weight: bold; letter-spacing: 4px;">${otpCode}</p>
+      <p>This code is valid for ${expiresInMinutes} minutes.</p>
+      <p>Please do not share this code with anyone.</p>
+      <p>Care People Team</p>
+    </div>
+  `;
+  if (!env.mailchimpTransactionalEnabled) {
+    if (!env.otpDevMode) {
+      throw new HttpError(
+        500,
+        'Mailchimp Transactional is disabled and OTP dev mode is off.',
+        'EMAIL_PROVIDER_NOT_CONFIGURED',
+      );
+    }
+    console.log(`[DEV EMAIL OTP] ${email} -> ${otpCode}`);
+    return {
+      provider: 'dev',
+      status: 'sent',
+      messageId: null,
+    };
+  }
+  if (!env.mailchimpTransactionalApiKey || !env.mailchimpFromEmail) {
+    throw new HttpError(
+      500,
+      'Mailchimp Transactional is enabled but not fully configured.',
+      'EMAIL_PROVIDER_NOT_CONFIGURED',
+    );
+  }
+  const response = await fetch(
+    'https://mandrillapp.com/api/1.0/messages/send.json',
+    {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+      },
+      body: JSON.stringify({
+        key: env.mailchimpTransactionalApiKey,
+        message: {
+          from_email: env.mailchimpFromEmail,
+          from_name: env.mailchimpFromName,
+          headers: env.mailchimpReplyTo
+            ? { 'Reply-To': env.mailchimpReplyTo }
+            : undefined,
+          subject,
+          text,
+          html,
+          to: [
+            {
+              email,
+              type: 'to',
+            },
+          ],
+          tags: ['otp', 'care-people'],
+        },
+      }),
+    },
+  );
+  const payload = await response.json();
+  if (!response.ok) {
+    throw new HttpError(
+      502,
+      payload.message || 'Mailchimp Transactional request failed.',
+      'EMAIL_PROVIDER_ERROR',
+    );
+  }
+  const firstResult = Array.isArray(payload) ? payload[0] : null;
+  if (
+    !firstResult ||
+    ['rejected', 'invalid'].includes(String(firstResult.status || '').toLowerCase())
+  ) {
+    throw new HttpError(
+      502,
+      firstResult?.reject_reason || 'Mailchimp Transactional rejected the email.',
+      'EMAIL_DELIVERY_FAILED',
+    );
+  }
+  return {
+    provider: 'mailchimp_transactional',
+    status: firstResult.status || 'sent',
+    messageId: firstResult._id || null,
+  };
+}
+module.exports = {
+  sendOtpEmail,
+};

src/services/patients.service.js ADDED Viewed

	@@ -0,0 +1,152 @@

+const { query } = require('../config/db');
+const { normalizeDate } = require('../utils/date');
+const { normalizeEmail, validateEmail } = require('../utils/email');
+const HttpError = require('../utils/httpError');
+const { mapPatient, titleCase } = require('../utils/serializers');
+const ALLOWED_GENDERS = new Set(['male', 'female', 'other']);
+async function getPatientByPhone(phoneNumber) {
+  const rows = await query(
+    `
+      SELECT
+        phone_number,
+        email,
+        name,
+        date_of_birth,
+        address,
+        gender,
+        created_at,
+        updated_at
+      FROM patients
+      WHERE phone_number = :phoneNumber
+      LIMIT 1
+    `,
+    { phoneNumber },
+  );
+  return rows[0] ? mapPatient(rows[0]) : null;
+}
+async function getPatientOrThrow(phoneNumber) {
+  const patient = await getPatientByPhone(phoneNumber);
+  if (!patient) {
+    throw new HttpError(404, 'Patient profile not found.', 'PATIENT_NOT_FOUND');
+  }
+  return patient;
+}
+async function ensureEmailAvailable(email, phoneNumber) {
+  const rows = await query(
+    `
+      SELECT phone_number
+      FROM patients
+      WHERE email = :email AND phone_number <> :phoneNumber
+      LIMIT 1
+    `,
+    {
+      email,
+      phoneNumber,
+    },
+  );
+  if (rows.length > 0) {
+    throw new HttpError(
+      409,
+      'This email address is already used by another patient.',
+      'EMAIL_ALREADY_IN_USE',
+    );
+  }
+}
+async function upsertPatient({
+  phoneNumber,
+  email,
+  name,
+  dateOfBirth,
+  address,
+  gender,
+}) {
+  const normalizedGender = String(gender || '').trim().toLowerCase();
+  const normalizedEmail = validateEmail(email);
+  if (!name || name.trim().length < 3) {
+    throw new HttpError(
+      400,
+      'Name must be at least 3 characters long.',
+      'INVALID_NAME',
+    );
+  }
+  if (!address || !String(address).trim()) {
+    throw new HttpError(400, 'Address is required.', 'INVALID_ADDRESS');
+  }
+  if (!ALLOWED_GENDERS.has(normalizedGender)) {
+    throw new HttpError(
+      400,
+      'Gender must be Male, Female, or Other.',
+      'INVALID_GENDER',
+    );
+  }
+  await ensureEmailAvailable(normalizedEmail, phoneNumber);
+  await query(
+    `
+      INSERT INTO patients (
+        phone_number,
+        email,
+        name,
+        date_of_birth,
+        address,
+        gender
+      ) VALUES (
+        :phoneNumber,
+        :email,
+        :name,
+        :dateOfBirth,
+        :address,
+        :gender
+      )
+      ON DUPLICATE KEY UPDATE
+        email = VALUES(email),
+        name = VALUES(name),
+        date_of_birth = VALUES(date_of_birth),
+        address = VALUES(address),
+        gender = VALUES(gender),
+        updated_at = CURRENT_TIMESTAMP
+    `,
+    {
+      phoneNumber,
+      email: normalizedEmail,
+      name: String(name).trim(),
+      dateOfBirth: normalizeDate(dateOfBirth, 'dateOfBirth'),
+      address: String(address).trim(),
+      gender: normalizedGender,
+    },
+  );
+  const patient = await getPatientOrThrow(phoneNumber);
+  return {
+    ...patient,
+    gender: titleCase(normalizedGender),
+  };
+}
+function patientEmailMatches(patient, email) {
+  if (!patient || !patient.email) {
+    return true;
+  }
+  return normalizeEmail(patient.email) === normalizeEmail(email);
+}
+module.exports = {
+  getPatientByPhone,
+  getPatientOrThrow,
+  patientEmailMatches,
+  upsertPatient,
+};

src/services/prescriptions.service.js ADDED Viewed

	@@ -0,0 +1,305 @@

+const crypto = require('crypto');
+const { query, withTransaction } = require('../config/db');
+const HttpError = require('../utils/httpError');
+const { mapPrescription } = require('../utils/serializers');
+const PRESCRIPTION_SELECT = `
+  SELECT
+    pr.id,
+    pr.appointment_id,
+    pr.doctor_id,
+    d.name AS doctor_name,
+    d.department AS doctor_department,
+    d.designation AS doctor_designation,
+    d.degrees AS doctor_degrees,
+    pr.patient_phone,
+    p.name AS patient_name,
+    pr.appointment_date,
+    pr.issued_at,
+    pr.additional_notes,
+    pr.pdf_path,
+    pr.created_at
+  FROM prescriptions pr
+  INNER JOIN doctors d ON d.id = pr.doctor_id
+  INNER JOIN patients p ON p.phone_number = pr.patient_phone
+`;
+async function loadPrescriptionChildren(prescriptionIds) {
+  if (prescriptionIds.length === 0) {
+    return {
+      diagnosisMap: new Map(),
+      medicineMap: new Map(),
+    };
+  }
+  const placeholders = prescriptionIds.map(() => '?').join(', ');
+  const diagnosisRows = await query(
+    `
+      SELECT
+        prescription_id,
+        diagnosis_text,
+        sort_order
+      FROM prescription_diagnoses
+      WHERE prescription_id IN (${placeholders})
+      ORDER BY prescription_id, sort_order ASC, id ASC
+    `,
+    prescriptionIds,
+  );
+  const medicineRows = await query(
+    `
+      SELECT
+        prescription_id,
+        name,
+        dosage,
+        frequency,
+        duration,
+        notes
+      FROM prescribed_medicines
+      WHERE prescription_id IN (${placeholders})
+      ORDER BY prescription_id, id ASC
+    `,
+    prescriptionIds,
+  );
+  const diagnosisMap = new Map();
+  const medicineMap = new Map();
+  for (const row of diagnosisRows) {
+    const currentValues = diagnosisMap.get(row.prescription_id) || [];
+    currentValues.push(row.diagnosis_text);
+    diagnosisMap.set(row.prescription_id, currentValues);
+  }
+  for (const row of medicineRows) {
+    const currentValues = medicineMap.get(row.prescription_id) || [];
+    currentValues.push({
+      name: row.name,
+      dosage: row.dosage,
+      frequency: row.frequency,
+      duration: row.duration,
+      notes: row.notes,
+    });
+    medicineMap.set(row.prescription_id, currentValues);
+  }
+  return {
+    diagnosisMap,
+    medicineMap,
+  };
+}
+async function buildPrescriptionList(whereClause, params) {
+  const rows = await query(
+    `${PRESCRIPTION_SELECT} WHERE ${whereClause} ORDER BY pr.issued_at DESC`,
+    params,
+  );
+  const prescriptionIds = rows.map((row) => row.id);
+  const { diagnosisMap, medicineMap } = await loadPrescriptionChildren(
+    prescriptionIds,
+  );
+  return rows.map((row) =>
+    mapPrescription(
+      row,
+      diagnosisMap.get(row.id) || [],
+      medicineMap.get(row.id) || [],
+    ),
+  );
+}
+async function getPrescriptionById(prescriptionId) {
+  const prescriptions = await buildPrescriptionList('pr.id = :prescriptionId', {
+    prescriptionId,
+  });
+  if (prescriptions.length === 0) {
+    throw new HttpError(
+      404,
+      'Prescription not found.',
+      'PRESCRIPTION_NOT_FOUND',
+    );
+  }
+  return prescriptions[0];
+}
+async function listPatientPrescriptions(patientPhone) {
+  return buildPrescriptionList('pr.patient_phone = :patientPhone', {
+    patientPhone,
+  });
+}
+async function listDoctorPrescriptions(doctorId) {
+  return buildPrescriptionList('pr.doctor_id = :doctorId', {
+    doctorId,
+  });
+}
+function validatePrescriptionInput({ diagnosis, medicines }) {
+  if (!Array.isArray(diagnosis) || diagnosis.length === 0) {
+    throw new HttpError(
+      400,
+      'At least one diagnosis is required.',
+      'INVALID_DIAGNOSIS',
+    );
+  }
+  if (!Array.isArray(medicines) || medicines.length === 0) {
+    throw new HttpError(
+      400,
+      'At least one medicine is required.',
+      'INVALID_MEDICINES',
+    );
+  }
+  medicines.forEach((medicine, index) => {
+    if (
+      !medicine ||
+      !medicine.name ||
+      !medicine.dosage ||
+      !medicine.frequency ||
+      !medicine.duration
+    ) {
+      throw new HttpError(
+        400,
+        `Medicine at index ${index} is missing a required field.`,
+        'INVALID_MEDICINES',
+      );
+    }
+  });
+}
+async function createPrescription({
+  doctorId,
+  appointmentId,
+  diagnosis,
+  medicines,
+  additionalNotes = null,
+  pdfPath = null,
+}) {
+  validatePrescriptionInput({ diagnosis, medicines });
+  const prescriptionId = await withTransaction(async (connection) => {
+    const [appointmentRows] = await connection.execute(
+      `
+        SELECT
+          a.id,
+          a.doctor_id,
+          a.patient_phone,
+          a.appointment_date,
+          a.status
+        FROM appointments a
+        WHERE a.id = ? AND a.doctor_id = ?
+        LIMIT 1
+        FOR UPDATE
+      `,
+      [appointmentId, doctorId],
+    );
+    if (appointmentRows.length === 0) {
+      throw new HttpError(
+        404,
+        'Appointment not found for this doctor.',
+        'APPOINTMENT_NOT_FOUND',
+      );
+    }
+    const appointment = appointmentRows[0];
+    if (appointment.status === 'completed') {
+      throw new HttpError(
+        409,
+        'Prescription already exists for this appointment.',
+        'ALREADY_COMPLETED',
+      );
+    }
+    const nextPrescriptionId = `RX${Date.now()}${crypto.randomInt(100, 999)}`;
+    await connection.execute(
+      `
+        INSERT INTO prescriptions (
+          id,
+          doctor_id,
+          patient_phone,
+          appointment_id,
+          appointment_date,
+          issued_at,
+          additional_notes,
+          pdf_path
+        ) VALUES (?, ?, ?, ?, ?, CURRENT_TIMESTAMP, ?, ?)
+      `,
+      [
+        nextPrescriptionId,
+        doctorId,
+        appointment.patient_phone,
+        appointment.id,
+        appointment.appointment_date,
+        additionalNotes ? String(additionalNotes).trim() : null,
+        pdfPath ? String(pdfPath).trim() : null,
+      ],
+    );
+    for (const [index, diagnosisText] of diagnosis.entries()) {
+      await connection.execute(
+        `
+          INSERT INTO prescription_diagnoses (
+            prescription_id,
+            diagnosis_text,
+            sort_order
+          ) VALUES (?, ?, ?)
+        `,
+        [nextPrescriptionId, String(diagnosisText).trim(), index + 1],
+      );
+    }
+    for (const medicine of medicines) {
+      await connection.execute(
+        `
+          INSERT INTO prescribed_medicines (
+            prescription_id,
+            name,
+            dosage,
+            frequency,
+            duration,
+            notes
+          ) VALUES (?, ?, ?, ?, ?, ?)
+        `,
+        [
+          nextPrescriptionId,
+          String(medicine.name).trim(),
+          String(medicine.dosage).trim(),
+          String(medicine.frequency).trim(),
+          String(medicine.duration).trim(),
+          medicine.notes ? String(medicine.notes).trim() : null,
+        ],
+      );
+    }
+    await connection.execute(
+      `
+        UPDATE appointments
+        SET
+          status = 'completed',
+          updated_at = CURRENT_TIMESTAMP
+        WHERE id = ?
+      `,
+      [appointment.id],
+    );
+    return nextPrescriptionId;
+  });
+  return getPrescriptionById(prescriptionId);
+}
+module.exports = {
+  createPrescription,
+  getPrescriptionById,
+  listDoctorPrescriptions,
+  listPatientPrescriptions,
+};

src/utils/apiResponse.js ADDED Viewed

	@@ -0,0 +1,12 @@

+function sendSuccess(res, { status = 200, message = 'Success', data = null }) {
+  return res.status(status).json({
+    success: true,
+    message,
+    data,
+    errorCode: null,
+  });
+}
+module.exports = {
+  sendSuccess,
+};

src/utils/date.js ADDED Viewed

	@@ -0,0 +1,30 @@

+const HttpError = require('./httpError');
+function normalizeDate(dateValue, fieldName = 'date') {
+  const rawValue = String(dateValue || '').trim();
+  if (/^\d{4}-\d{2}-\d{2}$/.test(rawValue)) {
+    return rawValue;
+  }
+  if (/^\d{2}\/\d{2}\/\d{4}$/.test(rawValue)) {
+    const [day, month, year] = rawValue.split('/');
+    return `${year}-${month}-${day}`;
+  }
+  throw new HttpError(
+    400,
+    `${fieldName} must use YYYY-MM-DD or DD/MM/YYYY format.`,
+    'INVALID_DATE',
+  );
+}
+function mysqlDateTimeFromNow(daysAhead) {
+  const expiryDate = new Date(Date.now() + daysAhead * 24 * 60 * 60 * 1000);
+  return expiryDate.toISOString().slice(0, 19).replace('T', ' ');
+}
+module.exports = {
+  normalizeDate,
+  mysqlDateTimeFromNow,
+};

src/utils/email.js ADDED Viewed

	@@ -0,0 +1,42 @@

+const HttpError = require('./httpError');
+const EMAIL_REGEX = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+function normalizeEmail(email) {
+  return String(email || '').trim().toLowerCase();
+}
+function validateEmail(email) {
+  const normalizedEmail = normalizeEmail(email);
+  if (!EMAIL_REGEX.test(normalizedEmail)) {
+    throw new HttpError(
+      400,
+      'A valid email address is required.',
+      'INVALID_EMAIL',
+    );
+  }
+  return normalizedEmail;
+}
+function maskEmail(email) {
+  const normalizedEmail = normalizeEmail(email);
+  const [localPart, domainPart] = normalizedEmail.split('@');
+  if (!localPart || !domainPart) {
+    return normalizedEmail;
+  }
+  if (localPart.length <= 2) {
+    return `${localPart[0] || '*'}*@${domainPart}`;
+  }
+  return `${localPart[0]}${'*'.repeat(Math.max(localPart.length - 2, 1))}${localPart.slice(-1)}@${domainPart}`;
+}
+module.exports = {
+  maskEmail,
+  normalizeEmail,
+  validateEmail,
+};

src/utils/httpError.js ADDED Viewed

	@@ -0,0 +1,9 @@

+class HttpError extends Error {
+  constructor(statusCode, message, errorCode = 'INTERNAL_ERROR') {
+    super(message);
+    this.statusCode = statusCode;
+    this.errorCode = errorCode;
+  }
+}
+module.exports = HttpError;

src/utils/otpStore.js ADDED Viewed

	@@ -0,0 +1,51 @@

+const crypto = require('crypto');
+const env = require('../config/env');
+const otpStore = new Map();
+function generateOtp() {
+  const minimum = 10 ** (env.otpLength - 1);
+  const maximum = 10 ** env.otpLength;
+  return String(minimum + crypto.randomInt(0, maximum - minimum));
+}
+function createOtp(targetKey) {
+  const otpCode = generateOtp();
+  const expiresAt = Date.now() + env.otpTtlMinutes * 60 * 1000;
+  otpStore.set(targetKey, {
+    otpCode,
+    expiresAt,
+  });
+  return {
+    otpCode,
+    expiresAt,
+  };
+}
+function verifyOtp(targetKey, otpCode) {
+  const record = otpStore.get(targetKey);
+  if (!record) {
+    return false;
+  }
+  if (record.expiresAt < Date.now()) {
+    otpStore.delete(targetKey);
+    return false;
+  }
+  const isValid = record.otpCode === String(otpCode || '').trim();
+  if (isValid) {
+    otpStore.delete(targetKey);
+  }
+  return isValid;
+}
+module.exports = {
+  createOtp,
+  verifyOtp,
+};

src/utils/phone.js ADDED Viewed

	@@ -0,0 +1,26 @@

+const HttpError = require('./httpError');
+const BANGLADESH_PHONE_REGEX = /^01\d{9}$/;
+function normalizePhone(phoneNumber) {
+  return String(phoneNumber || '').replace(/\D/g, '');
+}
+function validatePhone(phoneNumber) {
+  const normalizedPhone = normalizePhone(phoneNumber);
+  if (!BANGLADESH_PHONE_REGEX.test(normalizedPhone)) {
+    throw new HttpError(
+      400,
+      'Phone number must be an 11 digit Bangladesh mobile number.',
+      'INVALID_PHONE_NUMBER',
+    );
+  }
+  return normalizedPhone;
+}
+module.exports = {
+  normalizePhone,
+  validatePhone,
+};

src/utils/serializers.js ADDED Viewed

	@@ -0,0 +1,115 @@

+function parseJsonValue(value, fallback = []) {
+  if (value === null || value === undefined) {
+    return fallback;
+  }
+  if (Array.isArray(value) || typeof value === 'object') {
+    return value;
+  }
+  try {
+    return JSON.parse(value);
+  } catch (_error) {
+    return fallback;
+  }
+}
+function titleCase(value) {
+  const rawValue = String(value || '').trim();
+  if (!rawValue) {
+    return rawValue;
+  }
+  return rawValue.charAt(0).toUpperCase() + rawValue.slice(1).toLowerCase();
+}
+function formatDateForFlutter(dateValue) {
+  const rawValue = String(dateValue || '').trim();
+  if (/^\d{4}-\d{2}-\d{2}$/.test(rawValue)) {
+    const [year, month, day] = rawValue.split('-');
+    return `${day}/${month}/${year}`;
+  }
+  return rawValue;
+}
+function mapDoctor(row) {
+  return {
+    id: row.id,
+    name: row.name,
+    department: row.department,
+    designation: row.designation,
+    degrees: row.degrees,
+    roomNumber: row.room_number,
+    consultationFee: Number(row.consultation_fee),
+    consultationDays: parseJsonValue(row.consultation_days),
+    consultationTimes: row.consultation_times,
+    isActive: Boolean(row.is_active),
+    createdAt: row.created_at,
+    updatedAt: row.updated_at,
+  };
+}
+function mapPatient(row) {
+  return {
+    phoneNumber: row.phone_number,
+    email: row.email,
+    name: row.name,
+    dateOfBirth: formatDateForFlutter(row.date_of_birth),
+    address: row.address,
+    gender: titleCase(row.gender),
+    createdAt: row.created_at,
+    updatedAt: row.updated_at,
+  };
+}
+function mapAppointment(row) {
+  return {
+    id: Number(row.id),
+    doctorId: row.doctor_id,
+    doctorName: row.doctor_name,
+    doctorDepartment: row.doctor_department,
+    doctorDesignation: row.doctor_designation,
+    doctorDegrees: row.doctor_degrees,
+    patientPhone: row.patient_phone,
+    patientName: row.patient_name,
+    date: row.appointment_date,
+    timeSlot: row.time_slot,
+    serialNumber: Number(row.serial_number),
+    status: titleCase(row.status),
+    notes: row.notes,
+    createdAt: row.created_at,
+    updatedAt: row.updated_at,
+  };
+}
+function mapPrescription(row, diagnosis = [], medicines = []) {
+  return {
+    id: row.id,
+    appointmentId: row.appointment_id ? Number(row.appointment_id) : null,
+    doctorId: row.doctor_id,
+    doctorName: row.doctor_name,
+    doctorDepartment: row.doctor_department,
+    doctorDesignation: row.doctor_designation,
+    doctorDegrees: row.doctor_degrees,
+    patientPhone: row.patient_phone,
+    patientName: row.patient_name,
+    appointmentDate: row.appointment_date,
+    issuedAt: row.issued_at,
+    diagnosis,
+    medicines,
+    additionalNotes: row.additional_notes,
+    pdfPath: row.pdf_path,
+    createdAt: row.created_at,
+  };
+}
+module.exports = {
+  mapDoctor,
+  mapPatient,
+  mapAppointment,
+  mapPrescription,
+  parseJsonValue,
+  titleCase,
+};

src/utils/tokens.js ADDED Viewed

	@@ -0,0 +1,53 @@

+const crypto = require('crypto');
+const jwt = require('jsonwebtoken');
+const env = require('../config/env');
+function signAccessToken({ userType, userIdentifier, sessionId }) {
+  return jwt.sign(
+    {
+      type: 'access',
+      role: userType,
+      sessionId,
+    },
+    env.jwtSecret,
+    {
+      subject: userIdentifier,
+      expiresIn: `${env.accessTokenMinutes}m`,
+    },
+  );
+}
+function signRefreshToken({ userType, userIdentifier, sessionId }) {
+  return jwt.sign(
+    {
+      type: 'refresh',
+      role: userType,
+      sessionId,
+    },
+    env.jwtRefreshSecret,
+    {
+      subject: userIdentifier,
+      expiresIn: `${env.refreshTokenDays}d`,
+    },
+  );
+}
+function verifyAccessToken(token) {
+  return jwt.verify(token, env.jwtSecret);
+}
+function verifyRefreshToken(token) {
+  return jwt.verify(token, env.jwtRefreshSecret);
+}
+function hashToken(token) {
+  return crypto.createHash('sha256').update(token).digest('hex');
+}
+module.exports = {
+  hashToken,
+  signAccessToken,
+  signRefreshToken,
+  verifyAccessToken,
+  verifyRefreshToken,
+};