Build out a FHIR Patient management portal
This project is responsible for creating, retrieving, and updating FHIR patients.
It runs on Node.js 14.x, uses Expressjs.
There is tooling to create a datastore of patients in data/patients.json
. These are FHIR representations of patients.
There is tooling to create a datastore of users in data/users.json
. These include an id
, password
, passwordHash
and permissions
.
- Clone this project locally
- Create a feature branch
- Make your changes, committing as often as you would like
- Once ready to submit, Rrun:
git add . && git commit -m 'solution' && git diff master > ./solution.txt
- Send the resulting
solution.txt
file to[email protected]
Note Please do not submit the solution as a Github Pull Request
- User datastore is provided, with usernames and sha1 hashed passwords
- Basic auth via the
Authorization
header should be used - The passwords in the users database are only there so you can test the authenticate middleware. You should validate the passwords against the
passwordHash
which is a hex digest of the sha1 hash of the password. - This authenticate middleware should apply to all routes
- Each user has a
permissions
array that contains some combination ofGET
LIST
UPDATE
andDELETE
- A user with the
GET
permission should be authorized to call theGET /patients/:patientId
route - A user with the
LIST
permission should be authorized to call theGET /patients
route - A user with the
UPDATE
permission should be authorized to call thePUT /patients/:patientId
route - A user with the
DELETE
permission should be authorized to call theDELETE /patients/:patientId
route - If a user tries to call a route they are not authorized for, the correct error should be thrown
- The user must be authenticated before we even try to authorize
- This updates the patient with an
id
ofpatientId
if they exist - If the patient does not exists, throw the correct error.
- This route must validate the patient data - however we do not need to support the full FHIR spec for patients, only support the following fields
id
resourceType
gender
identifier
birthDate
name
- The specification for these fields can be found in the FHIR documentation however, it is very verbose. You only need to validate the fields that we have in our patients data store. See appendix below for the spec.
- The recommended approach to validation here is to use joi but any method is acceptable
- This lists all patients that match given criteria
- You should support the
birthdate
search parameter as described in the Search Parameters FHIR spec
- There is no deliverable for this portion - however, we will have a discussion about what improvements you would make to this project to make it production ready.
- Make sure you have the correct version of Node.js
- Install your dependencies
npm install
- Run
npm run setup-data
to populate your data store - Run
npm run dev
to start the server - Try the existing
GET
route by navigation tohttp://localhost:8080/patients/:patientId
in your browser, wherepatientId
matches the ID of one of your generated patients
- You can use whatever dependencies you would like
- The Airbnb ESLint Style guide is used, please follow it.
- Use the utilities to create your data store - no need to commit this data (it's in gitignore so you shouldn't need to do anything to prevent that).
- Your routes will interact with data store on the file system. You should persist any changes to disk (e.g. if a patient is deleted, delete them from the file on disk) however you do not have to optimize this. Doing
fs.writeFileSync
on every update is acceptable. - We use the debug module to print debug statements. See the documentation on how to use it. You do not need to add any debug statements, but it's there for you to use if you would like.
- We expect this project to take between 2-4 hours depending on your familiarity with Javascript and the tools used here. If you find yourself spending more than 4 hours, please stop and submit what you have. We will use your feedback to calibrate.
{
"resourceType": "Patient",
"id": String,
"gender": String<one of coded values, see below>,
"identifier": [
{
"use": String<one of coded values, see below>,
"system": String,
"value": String
}
],
"birthDate": Date - see https://www.hl7.org/fhir/datatypes.html#date,
"name": [
{
"use": String<one of coded values, see below>,
"text": String,
"family": String,
"given": [
String
]
}
]
}
Coded Values