--- title: Care People Backend emoji: "🏥" colorFrom: blue colorTo: indigo sdk: docker app_port: 3000 pinned: false --- # Care People Backend MySQL-backed backend for the Flutter `care_people` app using: - Node.js + Express - XAMPP MariaDB/MySQL - JWT auth with 2-day refresh sessions - Dev OTP flow for patient login - Mailchimp Transactional-ready email OTP delivery ## Hugging Face same-space MySQL If `DB_HOST` is `127.0.0.1` or `localhost`, the container entrypoint starts an embedded MariaDB instance before launching the Node.js API. - Keep `DB_REQUIRED_ON_STARTUP=true` for production safety. - Use `DB_AUTO_SEED=false` in production to avoid resetting demo data. ## Local setup This backend is already configured for your current XAMPP setup: - Host: `127.0.0.1` - Port: `3306` - Database: `care_people` - User: `root` - Password: empty Start from [backend/.env](/c:/Users/mkhan/Documents/Projects/carePeople/backend/.env). Mailchimp email settings: - `MAILCHIMP_TRANSACTIONAL_ENABLED` - `MAILCHIMP_TRANSACTIONAL_API_KEY` - `MAILCHIMP_FROM_EMAIL` - `MAILCHIMP_FROM_NAME` - `MAILCHIMP_REPLY_TO` Groq AI settings: - `GROQ_API_KEY` - `GROQ_MODEL` Push notification (Firebase Cloud Messaging) settings: - `FIREBASE_ENABLED` - `FIREBASE_PROJECT_ID` - `FIREBASE_CLIENT_EMAIL` - `FIREBASE_PRIVATE_KEY` - `FIREBASE_SERVICE_ACCOUNT_JSON` - `FIREBASE_SERVICE_ACCOUNT_PATH` - `PUSH_REMINDER_WORKER_ENABLED` - `PUSH_REMINDER_WORKER_INTERVAL_SECONDS` For OTP, use `Mailchimp Transactional` (Mandrill API), not the regular Mailchimp marketing campaign API. Full setup guide: - [MAILCHIMP_SETUP.md](/c:/Users/mkhan/Documents/Projects/carePeople/backend/MAILCHIMP_SETUP.md) ## Commands Run these inside [backend](/c:/Users/mkhan/Documents/Projects/carePeople/backend): ```powershell npm install npm run db:init npm run db:seed npm run dev ``` Health check: ```powershell Invoke-RestMethod http://localhost:3000/health ``` ## Backend plan 1. Move storage from local Flutter JSON and `SharedPreferences` into MySQL. 2. Keep the current product flow intact: patient OTP login, patient profile, doctor login, doctor discovery, appointments, prescriptions. 3. Send patient OTP through email, with a dev fallback until Mailchimp credentials are added. 4. Preserve appointment history in MySQL by marking completed rows instead of deleting them. 5. Add a Postman collection so every route is testable before app integration. ## API list ### Auth - `POST /api/v1/auth/patient/send-otp` - `POST /api/v1/auth/patient/verify-otp` - `POST /api/v1/auth/doctor/login` - `POST /api/v1/auth/administrator/login` - `POST /api/v1/auth/refresh` - `POST /api/v1/auth/logout` ### AI - `POST /api/v1/ai/patient-suggestion` - `POST /api/v1/ai/doctor-assistant` ### Patients - `GET /api/v1/patients/me` - `PUT /api/v1/patients/me` ### Doctors - `GET /api/v1/doctors` - `GET /api/v1/doctors/:doctorId` ### Appointments - `GET /api/v1/appointments/doctor/:doctorId/availability?date=YYYY-MM-DD` - `GET /api/v1/appointments/patient/me` - `GET /api/v1/appointments/doctor/me` - `POST /api/v1/appointments` - `PATCH /api/v1/appointments/:appointmentId/status` ### Prescriptions - `GET /api/v1/prescriptions/patient/me` - `GET /api/v1/prescriptions/doctor/me` - `POST /api/v1/prescriptions` ### Administrators - `GET /api/v1/administrators/me` - `GET /api/v1/administrators/overview` - `GET /api/v1/administrators/appointments/recent?limit=10` - `GET /api/v1/administrators/doctors?search=` - `PATCH /api/v1/administrators/doctors/:doctorId` - `PATCH /api/v1/administrators/doctors/:doctorId/status` - `GET /api/v1/administrators/patients?search=&limit=40` - `GET /api/v1/administrators` - `POST /api/v1/administrators` ### Admissions - `POST /api/v1/admissions` - `GET /api/v1/admissions?status=&ward=&doctorId=&patientPhone=&limit=100` - `GET /api/v1/admissions/:admissionId` - `PATCH /api/v1/admissions/:admissionId/discharge` ### Billing - `POST /api/v1/billing` - `GET /api/v1/billing?patientPhone=&status=&limit=100` - `GET /api/v1/billing/:billId` - `PATCH /api/v1/billing/:billId/status` ### Inventory - `POST /api/v1/inventory/items` - `GET /api/v1/inventory/items?search=&lowStockOnly=&limit=100` - `GET /api/v1/inventory/items/:itemId` - `PATCH /api/v1/inventory/items/:itemId` - `POST /api/v1/inventory/transactions` - `GET /api/v1/inventory/transactions?itemId=&transactionType=&limit=100` ### Audit Logs - `GET /api/v1/audit-logs?eventType=&actorType=&entityType=&entityId=&from=&to=&limit=100` ### Notifications - `GET /api/v1/notifications/me` - `PATCH /api/v1/notifications/:notificationId/read` - `GET /api/v1/notifications/devices/me` - `POST /api/v1/notifications/devices/register` - `DELETE /api/v1/notifications/devices/unregister` ## Example request JSON ### Send patient OTP ```json { "phoneNumber": "01712345678", "email": "patient@example.com" } ``` ### Save patient profile ```json { "email": "patient@example.com", "name": "Md Rahim", "dateOfBirth": "1998-02-14", "address": "Dhaka, Bangladesh", "gender": "Male" } ``` ### Create appointment ```json { "doctorId": "DOC001", "date": "2026-04-06", "timeSlot": "09:00 AM", "notes": "Chest pain for 2 days" } ``` ### Create prescription ```json { "appointmentId": 1, "diagnosis": [ "Hypertension", "Chest discomfort" ], "medicines": [ { "name": "Amlodipine", "dosage": "5 mg", "frequency": "Once daily", "duration": "30 days", "notes": "After breakfast" } ], "additionalNotes": "Reduce salt intake", "pdfPath": null } ``` ### Patient AI suggestion ```json { "symptoms": "Fever, sore throat, and body pain since last night", "severity": "Medium" } ``` ### Doctor AI assistant ```json { "goal": "Consult Note", "input": "52 year old with chest discomfort for 2 days, no syncope, mild dizziness, blood pressure not yet recorded." } ``` ### Administrator login ```json { "identifier": "ADM001", "password": "Admin@123" } ``` ### Create admission ```json { "patientPhone": "01712345678", "admittingDoctorId": "DOC001", "ward": "Cardiology", "bedNumber": "C-12", "admissionReason": "Acute chest pain", "expectedDischargeAt": "2026-04-10 14:00:00" } ``` ### Create bill ```json { "patientPhone": "01712345678", "admissionId": 1, "discountAmount": 100, "taxAmount": 50, "lineItems": [ { "description": "Room charge", "quantity": 2, "unitPrice": 1500 }, { "description": "ECG", "quantity": 1, "unitPrice": 700 } ] } ``` ### Record inventory transaction ```json { "itemId": 1, "transactionType": "out", "quantity": 5, "notes": "Used in emergency ward", "referenceType": "ward_issue", "referenceId": "ER-2026-001" } ``` ## Postman Collection JSON: - [care_people.postman_collection.json](/c:/Users/mkhan/Documents/Projects/carePeople/backend/postman/care_people.postman_collection.json) Import it into Postman, then run the requests in this order: 1. `Health` 2. `Send Patient OTP` 3. `Verify Patient OTP` 4. `Save Patient Profile` 5. `List Doctors` 6. `Doctor Availability` 7. `Create Appointment` 8. `Patient AI Suggestion` 9. `Doctor Login` 10. `Doctor AI Assistant` 11. `Create Prescription` ## Notes - Doctors are seeded from [doctors.json](/c:/Users/mkhan/Documents/Projects/carePeople/assets/data/doctors.json). - Administrators are seeded with one default account via `npm run db:seed`: - ID: `ADM001` - Email: `administrator@carepeople.com` - Password: `Admin@123` - Override via `.env`: `DEFAULT_ADMIN_ID`, `DEFAULT_ADMIN_NAME`, `DEFAULT_ADMIN_EMAIL`, `DEFAULT_ADMIN_PASSWORD` - Doctor passwords stay the same as the current Flutter asset file, but are stored hashed in MySQL. - The backend returns camelCase JSON to match your current Flutter models more closely. - Patient login now expects `phoneNumber + email`, and OTP is sent by email. - When `MAILCHIMP_TRANSACTIONAL_ENABLED=false`, the backend stays in dev mode and returns the OTP in the API response for testing. - AI guidance is generated through Groq on the backend so the API key stays server-side. - Compliance logging now stores critical audit events, including doctor activation/deactivation, administrator creation, and patient record access.