https://github.com/olubusade/emr-suite-backend
Production-ready backend for wiCare EMR demo built with Node.js, Express, Sequelize & PostgreSQL. Features JWT auth, RBAC, audit logging, Docker, and Jest tests. Secure, scalable, and cloud-ready to support multi-role workflows (Admin, Doctor, Nurse, Pharmacist, Biller, Lab Tech, Receptionist).
- Host: GitHub
- URL: https://github.com/olubusade/emr-suite-backend
- Owner: olubusade
- License: other
- Created: 2025-08-30T00:43:16.000Z (10 months ago)
- Default Branch: master
- Last Pushed: 2026-03-17T17:39:24.000Z (4 months ago)
- Last Synced: 2026-03-18T07:08:36.885Z (4 months ago)
- Topics: backend, cicd, docker, emr, express, healthcare, jwt, nodejs, postgresql, rbac, sequelize
- Language: JavaScript
- Homepage:
- Size: 379 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
# EMR-Suite Backend
**Production-Grade Electronic Medical Records (EMR) Backend (Demo)**

---
## Overview
**EMR-Suite Backend** is a **production-grade Node.js backend** designed to power a modern **Electronic Medical Records (EMR)** platform.
> **Recruiter / Reviewer Note**
> This repository is a **backend demo extracted from a real EMR system** (wiCare EMR).
> It intentionally focuses on **architecture, security, scalability, and healthcare workflows**, not UI polish.
> The frontend (Angular + Ionic) lives in a separate repository.
This project demonstrates how I design **secure, auditable, role-aware APIs** suitable for **regulated healthcare environments**.
---
## What This Project Demonstrates
* Clean backend architecture
* Secure authentication & authorization
* Real-world healthcare workflows
* Auditability & compliance thinking
* Production readiness (Docker, CI, tests, monitoring)

This is **not** a CRUD demo; it is a **system-level backend**.
---
## Core Architectural Principles
* **Security-first design** (JWT, RBAC, rate limits)
* **Explicit role & permission modeling**
* **Auditability for healthcare compliance**
* **Separation of concerns** (controllers, services, middleware)
* **Observable & testable** by default
* **Container-ready** for modern deployments
---
## Authentication & Security
### Authentication
* JWT **access & refresh tokens**
* Token expiration & revocation
* Secure password hashing
* Password change enforcement
### Security Hardening
* Rate limiting (global + route-level)
* Helmet security headers
* CORS configuration
* Centralized request logging
---
## Role-Based Access Control (RBAC)
RBAC is **first-class**, not an afterthought.
### Roles
* `super_admin`
* `admin`
* `doctor`
* `nurse`
* `receptionist`
* `patient`
### Permission Model
* Fine-grained permissions (e.g. `appointment.create`, `vital.update`)
* Many-to-many relationships:
  * `Users ↔ Roles`
  * `Roles ↔ Permissions`
* Centralized `authorize()` middleware

```js
// Route registration: authentication runs first, then the permission check,
// and only then the controller.
router.post(
  '/',
  authRequired,
  authorize(PERMISSIONS.CLINICALNOTE_CREATE),
  clinicalController.create
);
```

* Easily extensible
* Prevents role leakage
* Matches enterprise RBAC standards
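The following is an added example, not the project's own code, showing how a deny-by-default `authorize()` middleware of the kind used in the route snippet above can resolve permissions through the Users ↔ Roles ↔ Permissions mapping. The permission names, role table and the `runChain` stand-in for Express are constructed for the example; the project seeds its own.

```javascript
// Added example (not from the repository): deny-by-default permission middleware.
// Constructed sample permission names and role table; the project seeds its own.
const PERMISSIONS = {
  CLINICALNOTE_CREATE: 'clinicalnote.create',
  APPOINTMENT_CREATE: 'appointment.create',
  VITAL_UPDATE: 'vital.update',
};

// Roles -> Permissions (the many-to-many join, flattened for the example).
const ROLE_PERMISSIONS = {
  doctor: [PERMISSIONS.CLINICALNOTE_CREATE, PERMISSIONS.APPOINTMENT_CREATE],
  nurse: [PERMISSIONS.VITAL_UPDATE],
  receptionist: [PERMISSIONS.APPOINTMENT_CREATE],
};

// Users -> Roles: a user may hold several roles; effective permissions are the union.
// Unknown roles grant nothing, so a mis-seeded role cannot widen access.
function resolvePermissions(roles, table = ROLE_PERMISSIONS) {
  const granted = new Set();
  for (const role of roles) for (const p of table[role] || []) granted.add(p);
  return granted;
}

// authRequired: reject anonymous requests before any permission logic runs.
function authRequired(req, res, next) {
  if (!req.user) return res.status(401).json({ error: 'unauthenticated' });
  return next();
}

// authorize(...required): every listed permission must be held (AND semantics).
// The 403 body deliberately does not echo the caller's roles or the missing
// permission, which is what "prevents role leakage" means in practice.
function authorize(...required) {
  return (req, res, next) => {
    const granted = resolvePermissions((req.user && req.user.roles) || []);
    const missing = required.filter((p) => !granted.has(p));
    if (missing.length) return res.status(403).json({ error: 'forbidden' });
    return next();
  };
}

// Minimal stand-in for Express req/res/next so the chain can run offline.
// Returns the final HTTP status: 200 if every middleware called next().
function runChain(user, ...middlewares) {
  const req = { user };
  const res = { status(c) { this.code = c; return this; }, json(b) { this.body = b; return this; } };
  let i = 0;
  const next = () => { const mw = middlewares[i++]; if (mw) mw(req, res, next); else res.code = 200; };
  next();
  return res.code;
}
```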
---
## Domain Modules
Each module mirrors **real hospital workflows**:
### Patients
* Registration & demographic management
* Medical identifiers
* Emergency contacts
### Appointments
* Reception-driven scheduling
* Status lifecycle (today / past / upcoming)
* Role-aware visibility
### Clinical Notes
* Doctor-only creation
* Immutable historical records
* Full audit trail
### Vitals
* Nurse-driven vitals capture
* Time-series friendly design
### Billing
* Paid vs pending bills
* Financial audit readiness
---
## Audit Logging
Every sensitive action is recorded.
**Audit captures:**
* Actor (who performed the action)
* Entity affected
* Action type
* Before & after state
* Timestamp
This is critical for:
* Healthcare compliance
* Internal investigations
* Debugging production incidents
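An added example, not the project's code, of building one audit entry with the five fields listed above, plus a field-level diff of the before/after snapshots. The sensitive-field list, actor and entity values are constructed for illustration; the project's own audit middleware may store different shapes.

```javascript
// Added example (not from the repository): audit entry with actor, entity, action,
// before/after state and timestamp, plus a per-field diff. Constructed field names.

// Fields whose values must never land in an audit trail in clear text.
const SENSITIVE_FIELDS = new Set(['password', 'passwordHash', 'refreshToken']);

// Copy a snapshot with sensitive values masked; null when there was no prior state.
function redact(state) {
  if (!state) return null;
  const out = {};
  for (const [k, v] of Object.entries(state)) out[k] = SENSITIVE_FIELDS.has(k) ? '[redacted]' : v;
  return out;
}

// Compare raw snapshots so a changed secret still shows up as a change,
// then mask the values that are recorded for sensitive keys.
function diffState(before, after) {
  const b = before || {}, a = after || {};
  const changes = {};
  for (const k of new Set([...Object.keys(b), ...Object.keys(a)])) {
    if (JSON.stringify(b[k]) === JSON.stringify(a[k])) continue;
    changes[k] = SENSITIVE_FIELDS.has(k)
      ? { from: '[redacted]', to: '[redacted]' }
      : { from: b[k] === undefined ? null : b[k], to: a[k] === undefined ? null : a[k] };
  }
  return changes;
}

// Build one frozen (immutable) audit entry. Missing actor/entity/action is a
// programming error, not something to record silently.
function buildAuditEntry({ actor, entity, entityId, action, before, after, at = new Date() }) {
  if (!actor || !entity || !action) throw new Error('audit entry requires actor, entity and action');
  return Object.freeze({
    actorId: actor.id,
    actorRoles: [...(actor.roles || [])],
    entity,
    entityId,
    action,
    before: redact(before),
    after: redact(after),
    changes: diffState(before, after),
    timestamp: at.toISOString(),
  });
}
```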
---
## Monitoring & Observability
* **Prometheus metrics** exposed at `/metrics`
* Tracks:
  * Request count
  * Latency
  * Error rates
  * Route-level performance
Ready for **Grafana integration**.
---
## System Architecture
```mermaid
flowchart TD
A[Client / Frontend] --> B[Express Middleware]
B -->|JWT Auth| C[Controllers]
B -->|RBAC Check| C
B -->|Audit Logging| C
C --> D[Service Layer]
D --> E[Sequelize ORM]
E --> F[(PostgreSQL)]
B --> G[Prometheus Metrics]
style A fill:#f9f
style B fill:#bbf
style C fill:#bfb
style D fill:#ffb
style E fill:#fbf
style F fill:#fbb
style G fill:#ccc
```
---
## Deployment
### Zero-Cost Demo (Render)
For demo purposes, this backend is configured for Render.
1. Connect this GitHub repo to Render.
2. Add `DATABASE_URL` and `JWT_SECRET` to the environment variables.

The `render.yaml` (Blueprint) will automatically provision the Web Service and Database.
---
## Project Structure
```text
emr-suite-backend/
├── src/
│   ├── config/        # env, db, jwt, swagger
│   ├── constants/     # roles, permissions, enums
│   ├── controllers/   # HTTP layer
│   ├── middlewares/   # auth, RBAC, audit, rateLimit
│   ├── models/        # Sequelize models
│   ├── routes/        # API definitions
│   ├── seed/          # roles, users, permissions
│   ├── services/      # SQL logic
│   ├── utils/         # logger, validators
│   ├── app.js
│   └── server.js
├── tests/             # Jest + Supertest
├── docker/            # Docker & compose configs
├── .env.*             # Environment configs
└── README.md
```
---
## API Documentation
* **Swagger UI:** `http://localhost:5000/api-docs`
Includes:
* Request/response schemas
* Auth requirements
* RBAC notes per endpoint
---
## Testing Strategy
* **Jest + Supertest**
* Covers:
  * Appointments
  * Clinical Notes
  * Vitals
  * RBAC enforcement
* Includes negative cases (permission denied, invalid input)
```bash
npm test
npm run test:watch
```
---
## Local Development
### Prerequisites
* Node.js ≥ 20
* PostgreSQL ≥ 15
* npm ≥ 9
```bash
git clone https://github.com/olubusade/emr-suite-backend.git
cd emr-suite-backend
npm install
cp .env.local.dev .env
npm run migrate
npm run seed
npm run dev
```
Server: `http://localhost:5000`
---
## Docker Support
### Development
```bash
npm run docker:up:dev
npm run docker:seed:dev
```
### Production
```bash
npm run docker:up:prod
npm run docker:seed:prod
```
Multi-stage builds ensure:
* Small image size
* Faster deployments
* Production-only dependencies
---
## CI/CD (GitHub Actions)
* Runs on every **push & PR**
* Pipeline:
  1. Spin up PostgreSQL
  2. Run migrations & seeds
  3. Execute Jest test suite

* Prevents broken deployments
* Enforces discipline
---
## About the Author
**Busade Adedayo**
Senior Software Engineer (Healthcare Systems)
* 5+ years building production EMR systems
* Strong focus on backend architecture & security
* Experience with real hospital workflows
* Passionate about scalable, maintainable systems
---
## License
MIT © 2025 Busade Adedayo
---