Merge pull request #2710 from ohcnetwork/develop

HMIS Release to Staging

Author: gigincg

.dockerignore

@@ -4,3 +4,5 @@ htmlcov
 staticfiles
 .coverage
 care/media/
+celerybeat-schedule
+celerybeat*

.github/workflows/deploy.yml

@@ -194,19 +194,3 @@ jobs:
           service: ${{ env.ECS_SERVICE_BACKEND }}
           cluster: ${{ env.ECS_CLUSTER }}
           wait-for-service-stability: true
-
-  deploy-staging-gcp:
-    needs: build
-    if: github.ref == 'refs/heads/staging'
-    name: Deploy to staging GCP cluster
-    runs-on: ubuntu-latest
-    environment:
-      name: Staging-GCP
-      url: https://care-staging-api.ohc.network/
-    steps:
-      - name: Trigger deploy
-        run: |
-          COMMIT_SHA=${{ github.sha }}
-          JSON='{ "substitutions": { "care_be_tag":"'"$COMMIT_SHA"'", "care_fe_tag": "", "metabase_tag": "" } }'
-          curl --location "${{ secrets.STAGING_GCP_DEPLOY_URL }}" \
-            --header 'Content-Type: application/json' --data "$JSON"

.github/workflows/reusable-test.yml

@@ -9,7 +9,7 @@ on:
       event_name:
         required: false
         type: string
-        default: 'pull_request'
+        default: "pull_request"
 
 jobs:
   test:
@@ -31,6 +31,7 @@ jobs:
 
       - name: Create new cache
         run: |
+          mkdir -p /tmp/.buildx-cache
           mkdir -p /tmp/.buildx-cache-new
 
       - name: Bake docker images

.gitignore

@@ -345,6 +345,8 @@ care/media/*
 test_db
 
 celerybeat-schedule*
+celerybeat-schedule-shm
+celerybeat-schedule-wal
 
 secrets.sh
 

Makefile

@@ -25,6 +25,9 @@ pull:
 up:
 	docker compose -f docker-compose.yaml -f $(docker_config_file) up -d --wait
 
+build-up-live:
+	docker compose -f docker-compose.yaml -f $(docker_config_file) up --build
+
 down:
 	docker compose -f docker-compose.yaml -f $(docker_config_file) down
 
@@ -66,7 +69,8 @@ load-db:
 	docker compose exec db sh -c "pg_restore -U postgres --clean --if-exists -d care /tmp/care_db.dump"
 
 reset-db:
-	docker compose exec backend bash -c "python manage.py reset_db --noinput"
+	docker compose exec db sh -c "dropdb -U postgres care -f"
+	docker compose exec db sh -c "createdb -U postgres care"
 
 ruff-all:
 	ruff check .

Pipfile

@@ -5,8 +5,8 @@ name = "pypi"
 
 [packages]
 argon2-cffi = "==23.1.0"
-authlib = "==1.3.2"
-boto3 = "==1.35.59"
+authlib = "==1.4.0"
+boto3 = "==1.35.90"
 celery = "==5.4.0"
 django = "==5.1.3"
 django-environ = "==0.11.2"
@@ -24,30 +24,32 @@ djangorestframework-simplejwt = "==5.3.1"
 dry-rest-permissions = "==0.1.10"
 drf-nested-routers = "==0.94.1"
 drf-spectacular = "==0.27.2"
-"fhir.resources" = "==6.5.0"
 gunicorn = "==23.0.0"
 healthy-django = "==0.1.0"
+json-fingerprint = "==0.14.0"
 jsonschema = "==4.23.0"
 newrelic = "==10.2.0"
 pillow = "==11.0.0"
 psycopg = { extras = ["c"], version = "==3.2.3" }
-pydantic = "==1.10.18" # fix for fhir.resources < 7.0.2
+pydantic = "==2.9.2"
 pyjwt = "==2.9.0"
 python-slugify = "==8.0.4"
 pywebpush = "==2.0.1"
 redis = { extras = ["hiredis"], version = "==5.2.0" }
 redis-om = "==0.3.3"
 requests = "==2.32.3"
+simplejson = "==3.19.3"
 sentry-sdk = "==2.18.0"
 whitenoise = "==6.8.2"
+django-anymail = {extras = ["amazon-ses"], version = "*"}
 
 [dev-packages]
 boto3-stubs = { extras = ["s3", "boto3"], version = "*" }
 coverage = "==7.6.4"
-debugpy = "==1.8.8"
+debugpy = "==1.8.11"
 django-coverage-plugin = "==3.1.0"
 django-extensions = "==3.2.3"
-django-silk = "==5.2.0"
+django-silk = "==5.3.2"
 djangorestframework-stubs = "==3.15.1"
 factory-boy = "==3.3.1"
 freezegun = "==1.5.1"
@@ -58,7 +60,11 @@ requests-mock = "==1.12.1"
 tblib = "==3.0.0"
 watchdog = "==6.0.0"
 werkzeug = "==3.1.3"
-ruff = "==0.7.3"
+ruff = "==0.8.4"
+model-bakery = "==1.20.0"
+dirty-equals = "==0.8.0"
+polyfactory = "==2.18.1"
+Faker = "==33.3.0"
 
 [docs]
 furo = "==2024.8.6"

Pipfile.lock

@@ -85,7 +85,12 @@ def __call__(self, request: HttpRequest):
         response: HttpResponse = self.get_response(request)
         self.save(request, response)
 
-        current_user_str = f"{request.user.id}|{request.user}" if request.user else None
+        if getattr(request.user, "is_alternative_login", False):
+            current_user_str = f"patient|{request.user.phone_number[-4:]}"
+        else:
+            current_user_str = (
+                f"{request.user.id}|{request.user}" if request.user else None
+            )
 
         logger.info(
             "%s %s %s User:[%s]",

care/audit_log/middleware.py

@@ -0,0 +1,87 @@
+from datetime import timedelta
+
+from django.conf import settings
+from django.utils import timezone
+from pydantic import BaseModel, Field, field_validator
+from rest_framework.decorators import action
+from rest_framework.exceptions import ValidationError
+from rest_framework.response import Response
+
+from care.emr.api.viewsets.base import EMRBaseViewSet
+from care.facility.api.serializers.patient_otp import rand_pass
+from care.facility.models import PatientMobileOTP
+from care.utils.models.validators import mobile_validator
+from care.utils.sms.send_sms import send_sms
+from config.patient_otp_token import PatientToken
+
+
+class OTPLoginRequestSpec(BaseModel):
+    phone_number: str
+
+    @field_validator("phone_number")
+    @classmethod
+    def validate_phone_number(cls, value):
+        try:
+            mobile_validator(value)
+        except Exception as e:
+            msg = "Invalid phone number"
+            raise ValueError(msg) from e
+        return value
+
+
+class OTPLoginSpec(OTPLoginRequestSpec):
+    otp: str = Field(min_length=settings.OTP_LENGTH, max_length=settings.OTP_LENGTH)
+
+
+class OTPLoginView(EMRBaseViewSet):
+    authentication_classes = []
+    permission_classes = []
+
+    @action(detail=False, methods=["POST"])
+    def send(self, request):
+        data = OTPLoginRequestSpec(**request.data)
+        sent_otps = PatientMobileOTP.objects.filter(
+            created_date__gte=(timezone.now() - timedelta(settings.OTP_REPEAT_WINDOW)),
+            is_used=False,
+            phone_number=data.phone_number,
+        )
+        if sent_otps.count() >= settings.OTP_MAX_REPEATS_WINDOW:
+            raise ValidationError({"phone_number": "Max Retries has exceeded"})
+        random_otp = ""
+        if settings.USE_SMS:
+            random_otp = rand_pass(settings.OTP_LENGTH)
+            try:
+                send_sms(
+                    data.phone_number,
+                    (
+                        f"Open Healthcare Network Patient Management System Login, OTP is {random_otp} . "
+                        "Please do not share this Confidential Login Token with anyone else"
+                    ),
+                )
+            except Exception as e:
+                import logging
+
+                logging.error(e)
+        else:
+            random_otp = "45612"
+
+        otp_obj = PatientMobileOTP(phone_number=data.phone_number, otp=random_otp)
+        otp_obj.save()
+        return Response({"otp": "generated"})
+
+    @action(detail=False, methods=["POST"])
+    def login(self, request):
+        data = OTPLoginSpec(**request.data)
+        otp_object = PatientMobileOTP.objects.filter(
+            phone_number=data.phone_number, otp=data.otp, is_used=False
+        ).first()
+        if not otp_object:
+            raise ValidationError({"otp": "Invalid OTP"})
+
+        otp_object.is_used = True
+        otp_object.save()
+
+        token = PatientToken()
+        token["phone_number"] = data.phone_number
+
+        return Response({"access": str(token)})

care/facility/models/tests/__init__.py renamed to care/emr/__init__.py

@@ -0,0 +1,24 @@
+from care.emr.api.viewsets.base import EMRBaseViewSet, EMRCreateMixin, EMRListMixin
+from care.emr.models.patient import Patient
+from care.emr.resources.patient.otp_based_flow import (
+    PatientOTPReadSpec,
+    PatientOTPWriteSpec,
+)
+from config.patient_otp_authentication import (
+    JWTTokenPatientAuthentication,
+    OTPAuthenticatedPermission,
+)
+
+
+class PatientOTPView(EMRCreateMixin, EMRListMixin, EMRBaseViewSet):
+    authentication_classes = [JWTTokenPatientAuthentication]
+    permission_classes = [OTPAuthenticatedPermission]
+    pydantic_model = PatientOTPWriteSpec
+    pydantic_read_model = PatientOTPReadSpec
+
+    def perform_create(self, instance):
+        instance.phone_number = self.request.user.phone_number
+        instance.save()
+
+    def get_queryset(self):
+        return Patient.objects.filter(phone_number=self.request.user.phone_number)

care/facility/static_data/__init__.py renamed to care/emr/api/otp_viewsets/__init__.py

@@ -0,0 +1,64 @@
+from pydantic import UUID4
+from rest_framework.decorators import action
+from rest_framework.exceptions import ValidationError
+from rest_framework.response import Response
+
+from care.emr.api.viewsets.base import EMRBaseViewSet, EMRRetrieveMixin
+from care.emr.api.viewsets.scheduling import (
+    AppointmentBookingSpec,
+    SlotsForDayRequestSpec,
+    SlotViewSet,
+)
+from care.emr.models.patient import Patient
+from care.emr.models.scheduling import TokenBooking, TokenSlot
+from care.emr.resources.scheduling.slot.spec import (
+    TokenBookingReadSpec,
+    TokenSlotBaseSpec,
+)
+from config.patient_otp_authentication import (
+    JWTTokenPatientAuthentication,
+    OTPAuthenticatedPermission,
+)
+
+
+class SlotsForDayRequestSpec(SlotsForDayRequestSpec):
+    facility: UUID4
+
+
+class OTPSlotViewSet(EMRRetrieveMixin, EMRBaseViewSet):
+    authentication_classes = [JWTTokenPatientAuthentication]
+    permission_classes = [OTPAuthenticatedPermission]
+    database_model = TokenSlot
+    pydantic_read_model = TokenSlotBaseSpec
+
+    @action(detail=False, methods=["POST"])
+    def get_slots_for_day(self, request, *args, **kwargs):
+        request_data = SlotsForDayRequestSpec(**request.data)
+        return SlotViewSet.get_slots_for_day_handler(
+            request_data.facility, request.data
+        )
+
+    @action(detail=True, methods=["POST"])
+    def create_appointment(self, request, *args, **kwargs):
+        request_data = AppointmentBookingSpec(**request.data)
+        if not Patient.objects.filter(
+            external_id=request_data.patient, phone_number=request.user.phone_number
+        ).exists():
+            raise ValidationError("Patient not allowed ")
+        return SlotViewSet.create_appointment_handler(
+            self.get_object(), request.data, None
+        )
+
+    @action(detail=False, methods=["GET"])
+    def get_appointments(self, request, *args, **kwargs):
+        appointments = TokenBooking.objects.filter(
+            patient__phone_number=request.user.phone_number
+        )
+        return Response(
+            {
+                "results": [
+                    TokenBookingReadSpec.serialize(obj).model_dump(exclude=["meta"])
+                    for obj in appointments
+                ]
+            }
+        )