This application is a comprehensive web-based system designed for medical physicists at Prophy, providing a centralized platform to efficiently manage client data, schedule appointments, and organize institutional materials.
Companies providing medical physics services often lack a standardized tool to manage and organize data and business processes. Each company relies on its own methods, making it challenging for regulatory entities like ANVISA and CNEN to conduct audits effectively. Additionally, medical physicists frequently resort to manual processes for managing data and workflows, which are error-prone and time-consuming.
The goal of this project is to develop software that standardizes auditing processes and automates business workflows related to medical physics services. By doing so, it aims to enhance the security of healthcare services and improve the efficiency of medical physicists, ensuring better compliance and streamlined operations.
- Install Poetry: Poetry is a robust tool for dependency management and packaging in Python. To install it, follow the docs: Poetry Installation
- Initialize the Project: Navigate to your project directory containing the `pyproject.toml` file and run: `poetry install`
  This command will create a virtual environment and install the dependencies specified in `pyproject.toml`.
- Install Node.js and npm:
  - Download and install the latest Long-Term Support (LTS) version of Node.js from the official website: https://nodejs.org/.
  - The Node.js installer includes npm (Node Package Manager), which you'll use to manage project dependencies.
- Install Project Dependencies:
  - Inside the `frontend` folder, run: `npm install`
    This command reads the `package.json` file and installs all specified dependencies into a `node_modules` folder.
To run this Django project, specific environment variables must be configured in a `.env` file located in the `backend` folder. Below is a detailed explanation of all the environment variables required:
- DJANGO_SECRET_KEY
  - Description: The secret key used by Django for cryptographic signing.
  - Purpose: This key ensures the security of cookies, tokens, and other cryptographic processes.
  - Example: `DJANGO_SECRET_KEY='<random_generated_secret_key>'`
  - Note: This should be a long, unique, and randomly generated string. Never share it publicly.
- DEBUG
  - Description: Controls whether the application is in debug mode.
  - Purpose: Debug mode is helpful during development but should always be set to `False` in production.
  - Values:
    - `True`: Enables debug mode.
    - `False`: Disables debug mode.
  - Example: `DEBUG=True`
- AUTH_COOKIE_SECURE
  - Description: Determines whether the authentication cookie should only be sent over secure (HTTPS) connections.
  - Purpose: Enhances the security of cookies by restricting them to HTTPS.
  - Values:
    - `True`: Only allow cookies over HTTPS.
    - `False`: Allow cookies over both HTTP and HTTPS (useful for local development).
  - Example: `AUTH_COOKIE_SECURE=False`
- FRONTEND_URL
  - Description: The URL of the frontend application that interacts with this Django backend.
  - Purpose: Used for configuring CORS and other integrations with the frontend.
  - Example: `FRONTEND_URL='http://localhost:3000'`
- DJANGO_ALLOWED_HOSTS
  - Description: Specifies the host/domain names that this Django site can serve.
  - Purpose: Protects against HTTP Host header attacks.
  - Values: A comma-separated list of allowed hostnames.
  - Example: `DJANGO_ALLOWED_HOSTS='127.0.0.1,localhost'`
To run the frontend application, only one variable must be set in a `.env` file located in the `frontend` folder.
- NEXT_PUBLIC_HOST
  - Description: The host URL for the backend application, used by the frontend to communicate with the backend API.
  - Purpose: Ensures the frontend correctly points to the backend application.
  - Example: `NEXT_PUBLIC_HOST=http://localhost:8000`
- Security: Do not expose your `.env` file publicly or commit it to version control systems like Git.
- Production Configuration: Ensure that `DEBUG` is `False` and `AUTH_COOKIE_SECURE` is `True` in production.
- Dynamic Configuration: You can create separate `.env` files for different environments (e.g., `.env.production` and `.env.development`) and load them accordingly.
Ensure all required variables are properly set before running the application to avoid errors or insecure configurations.
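
A pre-flight check for the backend `.env` described above, as an added example that is not part of the project's code. The names `parse_env` and `check_env` are hypothetical, the secret-key thresholds follow Django's own deployment check (at least 50 characters and 5 unique characters), and the HTTPS rule for `FRONTEND_URL` is an assumption.

```python
# Added example; parse_env/check_env are hypothetical names, not project code.
from urllib.parse import urlparse
REQUIRED = ("DJANGO_SECRET_KEY", "DEBUG", "AUTH_COOKIE_SECURE",
            "FRONTEND_URL", "DJANGO_ALLOWED_HOSTS")

def parse_env(text):
    """Parse KEY=VALUE lines; skip blanks/comments, strip matching quotes."""
    env = {}
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        value = value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "'\"":
            value = value[1:-1]
        env[key.strip()] = value
    return env

def check_env(env, production):
    """Return a list of findings; an empty list means the file passed."""
    findings = [f"{k} is missing" for k in REQUIRED if not env.get(k)]
    if findings or not production:
        return findings
    if env["DEBUG"].lower() != "false":
        findings.append("DEBUG must be False in production")
    if env["AUTH_COOKIE_SECURE"].lower() != "true":
        findings.append("AUTH_COOKIE_SECURE must be True in production")
    key = env["DJANGO_SECRET_KEY"]  # same thresholds as Django's W009 check
    if len(key) < 50 or len(set(key)) < 5:
        findings.append("DJANGO_SECRET_KEY is too short or too repetitive")
    # Assumption: a Secure auth cookie implies the frontend is served over HTTPS.
    if urlparse(env["FRONTEND_URL"]).scheme != "https":
        findings.append("FRONTEND_URL should use https in production")
    hosts = [h.strip() for h in env["DJANGO_ALLOWED_HOSTS"].split(",")]
    if "*" in hosts or "" in hosts:  # "*" disables Host header validation
        findings.append("DJANGO_ALLOWED_HOSTS must list explicit hostnames")
    return findings

# Constructed sample: the development values shown in this README.
DEV_ENV = """
DJANGO_SECRET_KEY='<random_generated_secret_key>'
DEBUG=True
AUTH_COOKIE_SECURE=False
FRONTEND_URL='http://localhost:3000'
DJANGO_ALLOWED_HOSTS='127.0.0.1,localhost'
"""
if __name__ == "__main__":
    for finding in check_env(parse_env(DEV_ENV), production=True):
        print("FAIL:", finding)
```

Run against the development values, the production check reports four findings; the same file passes with `production=False`.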
- Inside the `backend` folder, run the migrations:
  `python manage.py makemigrations`
  `python manage.py migrate`
- Run the script to populate the database with some example data:
  `./flush_and_populate_db.sh`
- In the `backend` folder, run:
  `python manage.py runserver`
- In a different terminal and inside the `frontend` folder, run:
  `npm run build && npm start`
If the environment variables were correctly set up, the application should be running on your local machine!
- Secure user registration and login system.
- Role-based access control (RBAC) with the following user profiles:
  - Prophy Manager: Full access to all features.
  - Comercial: Access to client data (read-only), reports (read-only), and contract proposals (add/edit/read).
  - Internal Medical Physicist: Access to most features, including client-specific data, institutional materials, and scheduling.
  - Client Manager: Access to their own institution's data, equipment information, schedules (read-only), and invoices (read-only).
  - Unit Manager: Assigned by a Client Manager to manage specific units, with access limited to their assigned units' data.
  - External Medical Physicist: Limited access to schedules (read-only) and client data (read-only) associated with their assigned clients.
- Client Registration Form:
  - Allows approved clients to submit their information and request services.
- Client Dashboard:
  - Clients can register and manage their institution's information:
    - CNPJ (Brazilian company ID)
    - Institution details
    - Contact details
    - Units and responsible managers
    - Equipment inventory
  - Updating data requires approval from a member of the Prophy staff.
- Client Data Management (Internal Staff):
  - Internal staff can view, edit, review, and manage client data:
    - Client details
    - Units
    - Equipment
    - Invoices (including download options and payment status updates)
  - Advanced filtering options for efficient data retrieval.
- Appointment Scheduling:
  - Internal staff can schedule appointments, specifying:
    - Date and time
    - Client
    - Equipment involved
    - Description of the service that will be provided
    - Appointment status (scheduled, completed)
    - Reports
  - Google Calendar integration for seamless scheduling and reminders.
- Appointment Views:
  - Clients and assigned external physicists can view their scheduled appointments.
  - Notifications and reminders via email and Google Calendar integration.
- Material Management:
  - Internal staff can upload and manage institutional materials:
    - PDFs
    - Video links
    - Categorization by client profile and diagnostic modality
  - Access control to ensure only authorized users can view and download materials.
- Invoice Generation:
  - System generates invoices based on services provided.
  - Internal staff can manage invoice details and payment status.
- Payment Tracking:
  - Clients can view their invoices, download copies, and upload payment confirmations.
The project is actively in development. There are 4 stages of development:
- User authentication and client registration.
- Client data management for both internal staff and clients (actively under development).
- Appointment scheduling and Reports.
- Institutional materials management and access control.
Future development will include:
- Enhanced reporting and analytics.
- Mobile app for clients and staff.
- Continuous improvement based on user feedback.
If you'd like to contribute, please fork the repository and open a pull request to the `main` branch.