Add app authentication when making api calls
@@ -1,12 +1,16 @@
|
||||
import mysql.connector
|
||||
from fastapi import APIRouter, HTTPException
|
||||
from ..database import dbConnection
|
||||
#SuperToken Auth from front end
|
||||
from supertokens_python.recipe.session.framework.fastapi import verify_session
|
||||
from supertokens_python.recipe.session import SessionContainer
|
||||
from fastapi import Depends
|
||||
|
||||
router = APIRouter()
|
||||
|
||||
# Get Doctors Office By ID
|
||||
@router.get("/docOffices/{docOffic_id}", tags="DocOffice")
|
||||
async def read_docOfficeByID(docOffic_id: int):
|
||||
async def read_docOfficeByID(docOffic_id: int, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "SELECT * FROM doctor_offices WHERE iddoctor_offices=%s"
|
||||
@@ -21,7 +25,7 @@ async def read_docOfficeByID(docOffic_id: int):
|
||||
|
||||
# Get Doctors Office By user
|
||||
@router.get("/docOffices/user/{user}", tags="DocOffice")
|
||||
async def read_docOfficeByID(user: str):
|
||||
async def read_docOfficeByID(user: str, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "SELECT * FROM users WHERE email=%s"
|
||||
@@ -42,7 +46,7 @@ async def read_docOfficeByID(user: str):
|
||||
|
||||
# Get List of all Doctors Office
|
||||
@router.get("/docOffices/", tags="DocOffice")
|
||||
async def read_All_DoctorsOffice():
|
||||
async def read_All_DoctorsOffice(session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "SELECT * FROM doctor_offices"
|
||||
|
||||
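Review bot: The added `session` parameter is never read in the lines shown, so these handlers now check that a caller is logged in but not which records that caller may see. `/docOffices/user/{user}` still runs `SELECT * FROM users WHERE email=%s` on a path value chosen by the caller, and the same pattern appears in the patients, patient-files, patient-notes and users routers later in this commit (`/patients/id/{pat_id}`, `/patients/user/{email}`, `/users/profile/{email}`, `/user/update/`, `/patients/delete/`). I would take the identity from the verified session, e.g. `uid = session.get_user_id()`, and scope the query or reject the request when the record does not belong to that user or their doctor's office. The handler bodies continue outside the hunks, so a check may exist further down, but nothing visible suggests one.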
@@ -7,7 +7,10 @@ from reportlab.lib.pagesizes import A4
|
||||
from reportlab.lib.utils import ImageReader
|
||||
import io
|
||||
from datetime import datetime
|
||||
#from minioConnect import minioConnection
|
||||
#SuperToken Auth from front end
|
||||
from supertokens_python.recipe.session.framework.fastapi import verify_session
|
||||
from supertokens_python.recipe.session import SessionContainer
|
||||
from fastapi import Depends
|
||||
|
||||
|
||||
router = APIRouter()
|
||||
@@ -19,7 +22,7 @@ class medCertUploud(BaseModel):
|
||||
endDate: str
|
||||
returnDate: str
|
||||
|
||||
|
||||
#=================understand Supertoken multirequest for file submission================================
|
||||
# Get List of all files by patient
|
||||
@router.post("/files/upload/file/", tags="patients_files")
|
||||
async def generateAndUploudMedCert( file: UploadFile = File(...)):
|
||||
@@ -34,7 +37,7 @@ async def generateAndUploudMedCert( file: UploadFile = File(...)):
|
||||
|
||||
# Get List of all files by patient
|
||||
@router.post("/files/generate/med-cert/", tags="patients_files")
|
||||
async def generateAndUploudMedCert(requestItem: medCertUploud):
|
||||
async def generateAndUploudMedCert(requestItem: medCertUploud, session: SessionContainer = Depends(verify_session())):
|
||||
uploudMedCert(requestItem.fullName,
|
||||
requestItem.docfname,
|
||||
requestItem.startDate,
|
||||
|
||||
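Review bot: `/files/upload/file/` is left without `Depends(verify_session())`: the first `generateAndUploudMedCert( file: UploadFile = File(...))` keeps its old signature and only gains the comment about multipart requests, so uploads stay open to unauthenticated callers while the other routes in this commit are protected. `verify_session()` is an ordinary FastAPI dependency that reads the request, so it should work alongside `File(...)`, e.g. `async def generateAndUploudMedCert(file: UploadFile = File(...), session: SessionContainer = Depends(verify_session())):`. If the front end cannot yet attach the session to a multipart request, that is better fixed there than by leaving the endpoint public. Both handlers in this file share the name `generateAndUploudMedCert`, which makes it easy to miss that only one is protected, so a distinct name for the upload handler would help. The upload handler's body is outside the hunk.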
@@ -2,7 +2,10 @@ from fastapi import APIRouter, HTTPException
|
||||
from pydantic import BaseModel
|
||||
import os
|
||||
import xlrd
|
||||
|
||||
#SuperToken Auth from front end
|
||||
from supertokens_python.recipe.session.framework.fastapi import verify_session
|
||||
from supertokens_python.recipe.session import SessionContainer
|
||||
from fastapi import Depends
|
||||
|
||||
router = APIRouter()
|
||||
|
||||
@@ -12,12 +15,12 @@ class medicine(BaseModel):
|
||||
|
||||
#get all medicines
|
||||
@router.get("/users/medicine/all", tags="medicine")
|
||||
async def read_all_medicine():
|
||||
async def read_all_medicine(session: SessionContainer = Depends(verify_session())):
|
||||
return getMedicineData("")
|
||||
|
||||
#get all medicines by search
|
||||
@router.get("/users/medicine/{medSearch}", tags="medicine")
|
||||
async def read_all_medicine(medSearch: str):
|
||||
async def read_all_medicine(medSearch: str, session: SessionContainer = Depends(verify_session())):
|
||||
return getMedicineData(medSearch)
|
||||
|
||||
def getMedicineData(medsearch: str):
|
||||
|
||||
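Review bot: Protection is opt-in per handler here, so any route added later without the extra parameter is silently public. Both medicine routes take the same dependency and neither reads `session` in the visible lines, so the check could be declared once as `router = APIRouter(dependencies=[Depends(verify_session())])`, keeping the `session:` parameter only on handlers that need the session object. The same applies to the other routers in this commit. A short comment above `router`, such as `# every route in this router requires a valid SuperTokens session`, would document the intent.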
@@ -2,6 +2,10 @@ import mysql.connector
|
||||
from fastapi import APIRouter, HTTPException
|
||||
from pydantic import BaseModel
|
||||
from ..database import dbConnection
|
||||
#SuperToken Auth from front end
|
||||
from supertokens_python.recipe.session.framework.fastapi import verify_session
|
||||
from supertokens_python.recipe.session import SessionContainer
|
||||
from fastapi import Depends
|
||||
|
||||
router = APIRouter()
|
||||
|
||||
@@ -41,7 +45,7 @@ class patientDeleteRequest(BaseModel):
|
||||
|
||||
# Get Patient By ID Number
|
||||
@router.get("/patients/id/{pat_id}", tags="patients")
|
||||
async def read_patientByID(pat_id: str):
|
||||
async def read_patientByID(pat_id: str, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "SELECT * FROM patients WHERE idpatients=%s"
|
||||
@@ -90,7 +94,7 @@ async def read_patientByID(id_no: str):
|
||||
|
||||
# Get List of all patients
|
||||
@router.get("/patients/user/{email}", tags="patients")
|
||||
async def read_all_patientsByUser(email: str):
|
||||
async def read_all_patientsByUser(email: str, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
#query = "SELECT * FROM patients"
|
||||
@@ -124,7 +128,7 @@ async def read_all_patientsByUser(email: str):
|
||||
|
||||
# Get List of all patients
|
||||
@router.get("/patients/", tags="patients")
|
||||
async def read_all_patients():
|
||||
async def read_all_patients(session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "SELECT * FROM patients"
|
||||
@@ -151,7 +155,7 @@ async def read_all_patients():
|
||||
|
||||
# Get List of all patients by Doctors Office
|
||||
@router.get("/patients/docOffice/{docoff_id}", tags="patients")
|
||||
async def read_all_patientsby(docoff_id: str):
|
||||
async def read_all_patientsby(docoff_id: str, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "SELECT * FROM patients where doc_office_id=%s"
|
||||
@@ -178,7 +182,7 @@ async def read_all_patientsby(docoff_id: str):
|
||||
|
||||
# Insert Patient into table
|
||||
@router.post("/patients/insert/", tags="patients", status_code=201)
|
||||
async def insertPatient(itemRequest : patientInsertRequest):
|
||||
async def insertPatient(itemRequest : patientInsertRequest, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "insert into patients "
|
||||
@@ -211,7 +215,7 @@ async def insertPatient(itemRequest : patientInsertRequest):
|
||||
|
||||
# Update Patient on table
|
||||
@router.put("/patients/update/", tags="patients")
|
||||
async def UpdatePatient(itemRequest : patientUpdateRequest):
|
||||
async def UpdatePatient(itemRequest : patientUpdateRequest, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "update patients "
|
||||
@@ -246,7 +250,7 @@ async def UpdatePatient(itemRequest : patientUpdateRequest):
|
||||
|
||||
# delete Patient on table
|
||||
@router.delete("/patients/delete/", tags="patients")
|
||||
async def DeletePatient(itemRequest : patientDeleteRequest):
|
||||
async def DeletePatient(itemRequest : patientDeleteRequest, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "delete from patients "
|
||||
|
||||
@@ -3,6 +3,10 @@ from fastapi import APIRouter, HTTPException
|
||||
from pydantic import BaseModel
|
||||
from ..database import dbConnection
|
||||
from datetime import date
|
||||
#SuperToken Auth from front end
|
||||
from supertokens_python.recipe.session.framework.fastapi import verify_session
|
||||
from supertokens_python.recipe.session import SessionContainer
|
||||
from fastapi import Depends
|
||||
|
||||
router = APIRouter()
|
||||
|
||||
@@ -17,7 +21,7 @@ class fileInsertRequest(BaseModel):
|
||||
|
||||
# Get List of all files
|
||||
@router.get("/files/patients/", tags="patients_files")
|
||||
async def read_all_files():
|
||||
async def read_all_files(session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "SELECT * FROM patient_files"
|
||||
@@ -38,7 +42,7 @@ async def read_all_files():
|
||||
|
||||
# Get List of all files by patient
|
||||
@router.get("/files/patients/{patientID}", tags="patients_files")
|
||||
async def read_all_files_by_patient(patientID: int):
|
||||
async def read_all_files_by_patient(patientID: int, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "SELECT * FROM patient_files where patient_id = %s ORDER BY insert_date DESC"
|
||||
@@ -59,7 +63,7 @@ async def read_all_files_by_patient(patientID: int):
|
||||
|
||||
# Get List of all files by patient & DocOffice
|
||||
@router.get("/files/patients-docOffice/", tags="patients_files")
|
||||
async def read_all_files_by_patient(itemRequest: fileRequest):
|
||||
async def read_all_files_by_patient(itemRequest: fileRequest, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "select patient_files.idpatient_files, patient_files.file_path, patient_files.file_name, patient_files.patient_id, patient_files.insert_date, patients.doc_office_id "
|
||||
@@ -86,7 +90,7 @@ async def read_all_files_by_patient(itemRequest: fileRequest):
|
||||
|
||||
# Insert Patient note into table
|
||||
@router.post("/files/insert/", tags="patients_notes", status_code=201)
|
||||
async def insertPatientFiles(itemRequest : fileInsertRequest):
|
||||
async def insertPatientFiles(itemRequest : fileInsertRequest, session: SessionContainer = Depends(verify_session())):
|
||||
today = date.today()
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
|
||||
@@ -3,6 +3,10 @@ from fastapi import APIRouter, HTTPException
|
||||
from pydantic import BaseModel
|
||||
from datetime import date
|
||||
from ..database import dbConnection
|
||||
#SuperToken Auth from front end
|
||||
from supertokens_python.recipe.session.framework.fastapi import verify_session
|
||||
from supertokens_python.recipe.session import SessionContainer
|
||||
from fastapi import Depends
|
||||
|
||||
router = APIRouter()
|
||||
|
||||
@@ -23,7 +27,7 @@ class patientNoteUpdateRequest(BaseModel):
|
||||
|
||||
# Get List of all notes
|
||||
@router.get("/notes/patients/", tags="patients_notes")
|
||||
async def read_all_notes():
|
||||
async def read_all_notes(session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "SELECT * FROM patient_notes"
|
||||
@@ -43,7 +47,7 @@ async def read_all_notes():
|
||||
|
||||
# Get List of all notes by patient
|
||||
@router.get("/notes/patients/{patientID}", tags="patients_notes")
|
||||
async def read_all_patientsby(patientID: int):
|
||||
async def read_all_patientsby(patientID: int, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "SELECT * FROM patient_notes where patient_id = %s ORDER BY insert_date DESC"
|
||||
@@ -64,7 +68,7 @@ async def read_all_patientsby(patientID: int):
|
||||
|
||||
# Get List of all notes by patient
|
||||
@router.get("/notes/patients-docOffice/", tags="patients_notes")
|
||||
async def read_all_patientsby(itemRequest: fileRequest):
|
||||
async def read_all_patientsby(itemRequest: fileRequest, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "select patient_notes.idpatient_notes, patient_notes.note_name, patient_notes.note_text, patient_notes.patient_id, patient_notes.insert_date, patients.doc_office_id "
|
||||
@@ -88,7 +92,7 @@ async def read_all_patientsby(itemRequest: fileRequest):
|
||||
|
||||
# Insert Patient note into table
|
||||
@router.post("/notes/insert/", tags="patients_notes", status_code=201)
|
||||
async def insertPatientNotes(itemRequest : patientNoteInsertRequest):
|
||||
async def insertPatientNotes(itemRequest : patientNoteInsertRequest, session: SessionContainer = Depends(verify_session())):
|
||||
today = date.today()
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
@@ -111,7 +115,7 @@ async def insertPatientNotes(itemRequest : patientNoteInsertRequest):
|
||||
|
||||
# Update Patient note on table
|
||||
@router.put("/notes/update/", tags="patients_notes")
|
||||
async def UpdatePatient(itemRequest : patientNoteUpdateRequest):
|
||||
async def UpdatePatient(itemRequest : patientNoteUpdateRequest, session: SessionContainer = Depends(verify_session())):
|
||||
today = date.today()
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
|
||||
@@ -1,6 +1,10 @@
|
||||
from fastapi import APIRouter, HTTPException
|
||||
from pydantic import BaseModel
|
||||
from ..database import dbConnection
|
||||
#SuperToken Auth from front end
|
||||
from supertokens_python.recipe.session.framework.fastapi import verify_session
|
||||
from supertokens_python.recipe.session import SessionContainer
|
||||
from fastapi import Depends
|
||||
|
||||
router = APIRouter()
|
||||
|
||||
@@ -20,7 +24,7 @@ class userUpdateRequest(BaseModel):
|
||||
|
||||
#get user by email & doc Office ID
|
||||
@router.get("/users/profile/{email}", tags="users")
|
||||
async def read_all_users(email: str):
|
||||
async def read_all_users(email: str, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "SELECT * FROM users where email = %s"
|
||||
@@ -44,7 +48,7 @@ async def read_all_users(email: str):
|
||||
|
||||
# Get List of all files
|
||||
@router.get("/users/", tags="users")
|
||||
async def read_all_users():
|
||||
async def read_all_users(session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "SELECT * FROM users"
|
||||
@@ -68,7 +72,7 @@ async def read_all_users():
|
||||
|
||||
# Get List of all files
|
||||
@router.get("/user/{uid}", tags="users")
|
||||
async def read_all_users(uid: str):
|
||||
async def read_all_users(uid: str, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "SELECT * FROM users where app_id = %s"
|
||||
@@ -92,7 +96,7 @@ async def read_all_users(uid: str):
|
||||
|
||||
# Insert Patient into table
|
||||
@router.post("/user/insert/", tags="user", status_code=201)
|
||||
async def insertPatient(itemRequest : userInsertRequest):
|
||||
async def insertPatient(itemRequest : userInsertRequest, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "insert into users "
|
||||
@@ -112,7 +116,7 @@ async def insertPatient(itemRequest : userInsertRequest):
|
||||
|
||||
# Update User on table
|
||||
@router.put("/user/update/", tags="user")
|
||||
async def UpdateUser(itemRequest : userUpdateRequest):
|
||||
async def UpdateUser(itemRequest : userUpdateRequest, session: SessionContainer = Depends(verify_session())):
|
||||
db = dbConnection.dbConnect()
|
||||
cursor = db.cursor()
|
||||
query = "update users "
|
||||
|
||||