Healthbook is a modern web application that allows users to upload their medical information and to give access to certain research facilities that are interested in the data of target groups.
The application guarantees confidentiality of uploaded and shared medical information of end users by anonymizing them. Research facilities are able to create medical queries targeting different groups of patients. Once such a query has been added, users who previously shared certain datasets and now match the given query are automatically notified. The end user then can decide which (anonymized) dataset gets shared with the research facility for which a financial compensation will be received.
- Registration & Login (End user)
- Overview of one's own medical datasets and ability to persist new ones (End user)
- Share own medical dataset with specific research facility (End user)
- Login (Research facility)
- Overview of anonymized datasets (Research facility)
- Issue a new medical query (Research facility)
- Pushed browser notifications if there is a new medical query matching one (or more) dataset(s) of the end user
- Angular 5 with Material Design for the frontend
- Spring Boot 2 for the backend featuring non-blocking reactive WebFlux REST-API; written in Kotlin
- MongoDB for the persistence layer because of its great reactive support
- Docker and docker-compose for deployment
Assuming you have working Docker on your machine, simply navigate in your console to the project root folder (web-app-engineering) and start the docker-compose task:
docker-compose up
Note: In order to avoid console output, you may use the -d (detach) flag.
The following docker images are used:
- rasakul/waecm-2018-group-09-bsp-3-backend
  - based on "java:8-jre"
  - hash: sha256:321753cf8cb7f30b40db5f2de00d60cb833f09fcaf3e0163041bf7d1e1ee7ae2
- rasakul/waecm-2018-group-09-bsp-3-mongo
  - based on "mongo:3"
  - hash: sha256:2ac2b0f7f9b18f0979bd6a344ff56ac8ffa289cd2ca0165cfe022554811aa100
- rasakul/waecm-2018-group-09-bsp-3-frontend
  - based on "node:9"
  - hash: sha256:c8da9b2aef79af5fe23ef72f9e75cc22a68cbc3fe5a5026bba0524072f1a9421
- swaggerapi/swagger-ui
  - Link
  - hash: sha256:3a96c9da0b2fcb7a813821a0203f4a15cfebaad7d7549763d7840b865fcc9855
After the application has been successfully deployed, the frontend can be accessed under https://localhost:8069. Your browser might show a warning stating that the connection cannot be trusted. Simply whitelist the URL and the frontend will load. Furthermore, the backend's certificate must also be whitelisted. If the Swagger UI at http://localhost:8888 doesn't show an error, you're good to go; otherwise you need to whitelist the https://localhost:8443 URL as well.
Note 1: If you get a 504 (Gateway Timeout) error, you should clear your browser's cache.
Note 2: If you are using Chrome, you may get a "SecurityError: Failed to register a ServiceWorker" error, which is due to the self-signed certificate. To overcome this issue, please enable the following option: chrome://flags/#allow-insecure-localhost.
Note 3: If you don't get any browser notifications, the cookies for localhost must be deleted. Simply log out and delete the cookies stored in the browser for the frontend.
There is one end user already registered in the database, with a couple of sample medical data and queries matching these. You can also log in with two research facility accounts:
- End user (John Doe)
  - E-mail: test.user@gmail.com
  - Password: password
- Facility 1
  - E-mail: research@who.com
  - Password: password
- Facility 2
  - E-mail: research@bayer.com
  - Password: password
The REST API of the backend is fully documented and can be accessed through http://localhost:8888. The Swagger UI is hosted in a separate container, which queries the backend's documentation endpoint.
Important: Once you open Swagger UI it may prompt an error (see image below). This is due to the fact that the HTTPS certificate of the backend cannot be verified (since it is self-signed). The solution is to whitelist the https://localhost:8443 URL (address of the backend). Solution on Firefox: open Settings -> Privacy & Security -> Certificates -> Show certificates -> Server (Tab) -> Add exception. After whitelisting the backend's address the Swagger UI should be able to load the API documentation without any problems.
The backend application uses JWT-based authorization to secure the different endpoints. Authentication is carried out via a basic username (= e-mail) and password input, and the backend replies with a JWT valid until the next day. The role of the user (end user or research facility) is encoded into the token so that the backend can also use it for role-based access control.
The backend's and the frontend's servers are secured via HTTPS. Note, however, that this is a proof of concept, so self-signed certificates are used. This is not encouraged in production.
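The role claim in such a token is only trustworthy after the signature and expiry have been checked. The following is an added example, not the project's own Kotlin code: it assumes HS256 signing, the claim names `sub`, `role` and `exp`, the role strings `END_USER` and `RESEARCH_FACILITY`, and a 24-hour lifetime standing in for "until the next day".

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"  # assumption: HS256 with a server-side secret


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue(email: str, role: str, now: int, ttl: int = 86400) -> str:
    """Build a signed token; 'sub', 'role', 'exp' are assumed claim names."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps({"sub": email, "role": role, "exp": now + ttl}).encode())
    sig = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64(sig)}"


def authorize(token: str, required_role: str, now: int) -> bool:
    """Return True only for an authentic, unexpired token carrying the role."""
    try:
        header_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(_unb64(header_b64))
        # Pin the algorithm server-side; a token declaring "none" is rejected.
        if header.get("alg") != "HS256":
            return False
        expected = hmac.new(SECRET, f"{header_b64}.{body_b64}".encode(),
                            hashlib.sha256).digest()
        # Verify the signature (constant-time) before reading any claim.
        if not hmac.compare_digest(expected, _unb64(sig_b64)):
            return False
        claims = json.loads(_unb64(body_b64))
        return claims["exp"] > now and claims["role"] == required_role
    except (ValueError, KeyError, TypeError, AttributeError):
        return False


def tamper_role(token: str, role: str) -> str:
    """Test helper: change the role claim without re-signing the token."""
    header, body, sig = token.split(".")
    claims = json.loads(_unb64(body))
    claims["role"] = role
    return f"{header}.{_b64(json.dumps(claims).encode())}.{sig}"
```

A token whose role was edited after issuance, one that has passed its expiry, and one declaring `alg: none` are all refused by `authorize`.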
This section is only for development purposes. In order to start the backend successfully, a local mongo db has to be started and configured appropriately.
The first step is to install MongoDB on your preferred OS. After that, start the database:
mongod
In a separate terminal tab, start the mongo shell:
mongo
In the shell, switch to our database:
use waecmDatabase
This will create it if it doesn't exist yet, and whenever you use db in the mongo shell this database will be referenced. Now simply insert the two sample research facility users:
db.abstract_user.save(
  {
    "_id": ObjectId("5ac9e3e48a6d874b3da4b3f9"),
    "email": "research@who.com",
    "password": "$2a$15$8lEAUlhZagj4Egwt87Vq5ect2LBCwIzwHVFgFTugzKLS/jvebdiGu",
    "_class": "at.ac.tuwien.waecm.ss18.group09.dto.ResearchFacility"
  }
);
db.abstract_user.save(
  {
    "_id": ObjectId("5ac9e3e48a6d874b3da4b3ff"),
    "email": "research@bayer.com",
    "password": "$2a$15$8lEAUlhZagj4Egwt87Vq5ect2LBCwIzwHVFgFTugzKLS/jvebdiGu",
    "_class": "at.ac.tuwien.waecm.ss18.group09.dto.ResearchFacility"
  }
);
The last thing we need to do is add authentication to this database. Just like in production, we want to secure access to the database by protecting it with a username and password. In order to achieve this, we have to create a user with the appropriate role and its credentials:
db.createUser({ user: 'user', pwd: 'devPassword', roles: [ {role:'readWrite', db:'waecmDatabase'} ]})
If this succeeded, simply exit the shell (exit) and stop the mongo instance. Then restart the mongo instance, however this time with authorization enabled:
mongod --auth
This will simply turn on authorization.
After this, the Spring Boot app should be able to connect to your local mongo db through localhost:27017.
Summary of the most important endpoints:
- Frontend: https://localhost:8069
- Backend: https://localhost:8443
- Swagger-UI: http://localhost:8888
Thanks goes to these wonderful people:
- David Molnar 💻 🎨
- Lukas Kathrein 💻
- Lukas Baronyai 💻
- Michael Sober 💻
Contact one of the contributors or open an issue.
This project is licensed under the MIT License. Feel free to use, extend or fit it to your needs.