
Commit 1d707b4

committed
fix: authmiddleware duplication export
1 parent a3864e7 commit 1d707b4

3 files changed

Lines changed: 303 additions & 5 deletions


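--- a/API_DOCS.md
+++ b/API_DOCS.md
@@ -0,0 +1,300 @@
+## Base URL
+
+```
+http://localhost:5000/api
+```
+
+All protected routes require:
+
+```
+Authorization: Bearer <JWT_TOKEN>
+```
+
+---
+
+# 🔐 Authentication
+
+## Login
+
+**POST** `/auth/login`
+
+### Request Body
+
+```json
+{
+"email": "admin@example.com",
+"password": "password123"
+}
+```
+
+### Success Response
+
+```json
+{
+"success": true,
+"data": {
+"token": "jwt_token_here",
+"user": {
+"id": "user_id",
+"role": "admin",
+"email": "admin@example.com"
+}
+}
+}
+```
+
+---
+
+# 👨‍⚕️ Doctors
+
+## Get All Doctors
+
+**GET** `/users/doctors`
+
+**Roles:** admin
+
+### Response
+
+```json
+{
+"success": true,
+"data": {
+"doctors": [],
+"total": 15, //didn't add pagination yet.
+"page": 1,
+"pages": 2
+}
+}
+```
+
+---
+
+## Create Doctor
+
+**POST** `/users/doctors`
+
+**Roles:** admin
+
+### Body
+
+```json
+{
+"name": "Dr. Smith",
+"email": "smith@hospital.com",
+"department": "cardiology"
+}
+```
+
+---
+
+# 👤 Patients
+
+## Get All Patients
+
+**GET** `/patients`
+
+**Roles:** admin, receptionist
+
+---
+
+## Create Patient
+
+**POST** `/patients`
+
+**Roles:** admin, receptionist
+
+### Body
+
+```json
+{
+"name": "John Doe",
+"age": 30,
+"gender": "male",
+"phone": "9999999999"
+}
+```
+
+---
+
+# 📅 Appointments
+
+## Create Appointment
+
+**POST** `/appointments`
+
+**Roles:** admin, receptionist
+
+### Body
+
+```json
+{
+"doctor": "doctor_id",
+"patient": "patient_id",
+"date": "2026-02-20T10:00:00Z"
+}
+```
+
+### Failure (Conflict)
+
+```json
+{
+"success": false,
+"message": "Doctor already has an appointment at this time"
+}
+```
+
+---
+
+## Update Appointment Status
+
+**PATCH** `/appointments/:id/status`
+
+**Roles:** admin, doctor
+
+### Body
+
+```json
+{
+"status": "completed"
+}
+```
+
+---
+
+# 💰 Billing
+
+## Create Billing
+
+**POST** `/billing`
+
+**Roles:** admin
+
+### Body
+
+```json
+{
+"patient": "patient_id",
+"amount": 1500
+}
+```
+
+---
+
+## Update Billing Status
+
+**PATCH** `/billing/:id/status`
+
+**Roles:** admin, billing
+
+### Body
+
+```json
+{
+"status": "paid",
+"paymentMethod": "cash"
+}
+```
+
+---
+
+# 📊 Dashboard
+
+## Admin Summary
+
+**GET** `/admin/dashboard/summary`
+
+**Roles:** admin
+
+### Response
+
+```json
+{
+"success": true,
+"data": {
+"totalDoctors": 5,
+"totalPatients": 40,
+"totalAppointments": 100,
+"totalRevenue": 45000,
+"pendingRevenue": 5000,
+"todayAppointments": 8
+}
+}
+```
+
+---
+
+# 📈 Reports
+
+## Revenue Report
+
+**GET** `/reports/revenue`
+
+**Roles:** admin, billing
+
+### Query Params
+
+```
+?startDate=2026-01-01
+&endDate=2026-01-31
+```
+
+---
+
+## Appointment Report
+
+**GET** `/reports/appointments`
+
+**Roles:** admin
+
+---
+
+## Doctor Summary
+
+**GET** `/reports/my-summary`
+
+**Roles:** doctor
+
+---
+
+# 🔐 RBAC Summary Table
+
+| Route | Admin | Doctor | Reception | Billing |
+| ---------------- | ----- | ------- | --------- | -------------- |
+| /users/doctors |||||
+| /patients |||||
+| /appointments || ✔ (own) |||
+| /billing |||||
+| /reports || Limited || Financial Only |
+| /admin/dashboard |||||
+
+---
+
+# ⚠ Standard Response Format
+
+Success:
+
+```json
+{
+"success": true,
+"data": {},
+"message": "Optional message"
+}
+```
+
+Error:
+
+```json
+{
+"success": false,
+"message": "Error description"
+}
+```
+
+---
+
+# 📌 Frontend Integration Notes
+
+* Always send JWT in Authorization header
+* Role-based UI must match backend RBAC
+* Do not trust frontend-only role checks
+* Use pagination parameters for large datasets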

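--- a/Dockerfile
+++ b/Dockerfile
@@ -18,4 +18,4 @@ ENV NODE_ENV=production
 EXPOSE 5000
 
 # Start server
-CMD ["node", "server.js"]
+CMD ["node", "server.js"]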

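--- a/src/middleware/authmiddleware.js
+++ b/src/middleware/authmiddleware.js
@@ -1,6 +1,6 @@
 import jwt from 'jsonwebtoken';
 
-const protect = (req, res, next) => {
+export const protect = (req, res, next) => {
 let token;
 
 if (
@@ -49,6 +49,4 @@ export const authorize = (...roles) => {
 
 next();
 };
-};
-
-export { protect, authorize };
+};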
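Review bot: `protect` becomes a public named export on line 3 of the first hunk but has no doc comment stating the contract route files now import directly; a JSDoc above it such as `/** Express middleware: requires a Bearer JWT in the Authorization header, verified with jsonwebtoken; rejects the request otherwise. */` would pin that down (the body of `protect` continues past this hunk, so the exact verification and rejection paths are not visible here and should be confirmed against it). The same applies to `authorize`, whose header appears only in the second hunk's context line: a one-line comment like `/** Returns middleware that allows only the listed roles; document whether it depends on protect having run first. */` would make any ordering dependency explicit for callers wiring the two together. Removing the trailing `export { protect, authorize };` keeps the module consistent, but the commit does not show any importer, so it is worth confirming that no consumer relied on a differently named binding.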
