create-steve-rogers 1.0.0

package/apps/HMSR/backend/.env.example

@@ -0,0 +1,6 @@
+PORT=5000
+DB_HOST=localhost
+DB_USER=root
+DB_PASSWORD=
+DB_NAME=hms_kfh_rwanda
+JWT_SECRET=your_super_secret_jwt_key_change_in_production

package/apps/HMSR/backend/config/db.js

@@ -0,0 +1,14 @@
+const mysql = require('mysql2/promise');
+require('dotenv').config();
+
+const pool = mysql.createPool({
+  host: process.env.DB_HOST || 'localhost',
+  user: process.env.DB_USER || 'root',
+  password: process.env.DB_PASSWORD || '',
+  database: process.env.DB_NAME || 'hms_kfh_rwanda',
+  waitForConnections: true,
+  connectionLimit: 10,
+  queueLimit: 0,
+});
+
+module.exports = pool;

package/apps/HMSR/backend/database/schema.sql

@@ -0,0 +1,55 @@
+-- King Faisal Hospital Rwanda - HMS Database Schema
+CREATE DATABASE IF NOT EXISTS hms_kfh_rwanda;
+USE hms_kfh_rwanda;
+
+DROP TABLE IF EXISTS medical_reports;
+DROP TABLE IF EXISTS appointments;
+DROP TABLE IF EXISTS patients;
+DROP TABLE IF EXISTS users;
+
+CREATE TABLE users (
+  id INT AUTO_INCREMENT PRIMARY KEY,
+  full_name VARCHAR(150) NOT NULL,
+  email VARCHAR(150) NOT NULL UNIQUE,
+  password VARCHAR(255) NOT NULL,
+  role ENUM('receptionist', 'doctor') NOT NULL,
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);
+
+CREATE TABLE patients (
+  id INT AUTO_INCREMENT PRIMARY KEY,
+  full_name VARCHAR(150) NOT NULL,
+  gender ENUM('Male', 'Female', 'Other') NOT NULL,
+  date_of_birth DATE NOT NULL,
+  phone_number VARCHAR(30) NOT NULL,
+  address TEXT NOT NULL,
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);
+
+CREATE TABLE appointments (
+  id INT AUTO_INCREMENT PRIMARY KEY,
+  patient_id INT NOT NULL,
+  doctor_id INT NOT NULL,
+  appointment_date DATE NOT NULL,
+  appointment_time TIME NOT NULL,
+  status ENUM('scheduled', 'completed', 'cancelled') DEFAULT 'scheduled',
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FOREIGN KEY (patient_id) REFERENCES patients(id) ON DELETE CASCADE,
+  FOREIGN KEY (doctor_id) REFERENCES users(id) ON DELETE RESTRICT
+);
+
+CREATE TABLE medical_reports (
+  id INT AUTO_INCREMENT PRIMARY KEY,
+  appointment_id INT NOT NULL UNIQUE,
+  patient_id INT NOT NULL,
+  doctor_id INT NOT NULL,
+  diagnosis TEXT NOT NULL,
+  prescription TEXT NOT NULL,
+  report_date DATE NOT NULL,
+  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+  FOREIGN KEY (appointment_id) REFERENCES appointments(id) ON DELETE CASCADE,
+  FOREIGN KEY (patient_id) REFERENCES patients(id) ON DELETE CASCADE,
+  FOREIGN KEY (doctor_id) REFERENCES users(id) ON DELETE RESTRICT
+);
+
+-- Run: npm run seed (after creating .env) to add demo users

package/apps/HMSR/backend/database/seed.js

@@ -0,0 +1,53 @@
+const bcrypt = require('bcryptjs');
+const mysql = require('mysql2/promise');
+require('dotenv').config({ path: require('path').join(__dirname, '..', '.env') });
+
+async function seed() {
+  const connection = await mysql.createConnection({
+    host: process.env.DB_HOST || 'localhost',
+    user: process.env.DB_USER || 'root',
+    password: process.env.DB_PASSWORD || '',
+    database: process.env.DB_NAME || 'hms_kfh_rwanda',
+  });
+
+  const users = [
+    {
+      full_name: 'Marie Uwase',
+      email: 'reception@kfh.rw',
+      password: 'receptionist123',
+      role: 'receptionist',
+    },
+    {
+      full_name: 'Dr. Jean Pierre Nkurunziza',
+      email: 'doctor1@kfh.rw',
+      password: 'doctor123',
+      role: 'doctor',
+    },
+    {
+      full_name: 'Dr. Alice Mukamana',
+      email: 'doctor2@kfh.rw',
+      password: 'doctor123',
+      role: 'doctor',
+    },
+  ];
+
+  console.log('Seeding users...');
+  for (const user of users) {
+    const hashed = await bcrypt.hash(user.password, 10);
+    await connection.query(
+      `INSERT INTO users (full_name, email, password, role)
+       VALUES (?, ?, ?, ?)
+       ON DUPLICATE KEY UPDATE full_name = VALUES(full_name), password = VALUES(password)`,
+      [user.full_name, user.email, hashed, user.role]
+    );
+    console.log(`  ${user.email} / ${user.password}`);
+  }
+
+  await connection.end();
+  console.log('Seed complete.');
+}
+
+seed().catch((err) => {
+  console.error(err);
+  process.exit(1);
+});

package/apps/HMSR/backend/middleware/auth.js

@@ -0,0 +1,26 @@
+const jwt = require('jsonwebtoken');
+
+const authenticate = (req, res, next) => {
+  const header = req.headers.authorization;
+  if (!header || !header.startsWith('Bearer ')) {
+    return res.status(401).json({ message: 'Access denied. No token provided.' });
+  }
+
+  try {
+    const token = header.split(' ')[1];
+    const decoded = jwt.verify(token, process.env.JWT_SECRET);
+    req.user = decoded;
+    next();
+  } catch {
+    return res.status(401).json({ message: 'Invalid or expired token.' });
+  }
+};
+
+const authorize = (...roles) => (req, res, next) => {
+  if (!roles.includes(req.user.role)) {
+    return res.status(403).json({ message: 'You do not have permission for this action.' });
+  }
+  next();
+};
+
+module.exports = { authenticate, authorize };