In this section we summarize the components that have been integrated into medAL-data's Laravel web server.
The back-end changes consists of the following additions:
Laravel Passport plugin AuthDeviceController which is the controller used for most of the Passport-protected API routes for devices.
In order to install passport, we had to make slight changes to the laravel version currently used by this server. Originally, the composer.json file had the following version:
"require": {
...
"laravel/framework": "6.0.*",
...
},
Which we changed to:
"require": {
....
"laravel/framework": "^6.20.26",
...
},
for the passport installation to work properly.
After changing the composer.json, we run composer update followed by composer require laravel/passport which successfully installed passport's back-end routes. The routes used for Passport are then registered in the AuthServiceProvider.php provider class where we only used the routes necessary for our desired functionality.
The new migrations are the following:
health_facilities table that are used to manage health facilities. Moreover, a name column has been added (as the pre-existing was unconventionally called facility_name). devices table and device_types table have been created to store device information. version_jsons table has been created to store the version's json files that are then fetched by the devices.DeviceService class is used to make the link between a Device model and Passport's Client model, which represent OAuth clients. This service is also used to resolve a Device model from a token that is part of the request.HealthFacilityService class is used to assign and unassign devices.AlgorithmService class is used to fetch algorithms and versions from the medAL-creator server and assign versions to health facilities.
For more information, the service classes are properly commented in App/Http/Services.
The newly controllers are the following:
DeviceController handles requests for creating editing and deleting devices.HealthFacilityController handles request for creating, editing and deleting health facilities. Additionally, it handles algorithm related-requests and assignment/unassignment of devices.Api\AuthDeviceController handles requests coming from authenticated devices to fetch their health facility information, upload their device information and get their algorithm versions.
The DeviceController and HealthFacilityController are guarded by the web and auth and permission:
Logistician role hold these permissions). Additionally, handles authorize slug requests depending on policies that only allow a user to modify its own resources. The Api\AuthDeviceController handlers are guarded by the auth:api middleware which is followed by the device.resolve middleware which translates each request with a token to the corresponding device model and adds a timestamp to the last_seen column of the devices table.For creating and editing devices and health facilities, custom request classes have been created to validate the request. Moreover, when returning device models to the front-end it is first converted to a Device resource which omits some fields and translates others for the user.
The Logistician role has been added with has permissions to reset its own password, view its user information, manage health facilities and devices.
The existing front-end has been extended with two new dashboard accessible to logistician users, Devices and Health Facilities. Both dashboard are made of reactive vue components.
The version of Laravel mix previously declared in package.json was making the node compilation failed (on heroku) so it has been changed to : “laravel-mix”: “^5.0.1”,
after which the command npm install is run to update the dependencies.