I'm new to Django and have very limited experience in the field, so I thought you could help me out.

I am trying to build a Patient Health Record (PHR) system, where there are two types of users, Owner and Doctor, which are both instances of the User class. I want to create an app where the Doctor is logged in and the user has to enter his credentials to permit the doctor to add an entry to his PHR.

I'll be more than happy if you could help me with the dual logging part with the models and views for authentication.

Vishnu667

1 Answer

You can use Django 1.5's new configurable user model to accomplish this. You can review the documentation here.

To give you a general idea, you extend your user model to AbstractUser and add additional fields to create a linking relationship between Doctors and Patients. You would use a ForeignKey relationship if patients can only have one doctor and a doctor can have many patients, or a Many to Many relationship if patients can have many doctors. My example below is using the ForeignKey:

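from django.conf import settings
from django.contrib.auth.models import AbstractUser
from django.db import models

class PHRUser(AbstractUser):
    # For a patient: the related doctor (another row of the user model)
    phr_relate = models.ForeignKey(settings.AUTH_USER_MODEL, null=True, blank=True)
    # Holds an email address: the doctor's own email, or the patient's doctor's email
    token = models.EmailField(null=True, blank=True)
    USER_CHOICES = (
        ('1', 'Doctor'),
        ('2', 'Patient')
    )
    user_type = models.CharField(choices=USER_CHOICES, max_length=10)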

Then in your registration you can implement something like:

from django.http import HttpResponseRedirect

def UserRegistration(request):
    if request.method == 'POST':
        form = UserCreateForm(request.POST)
        if form.is_valid():
            data = request.POST.copy()
            # If the user that is registering is a doctor, token is their own email.
            # Otherwise their token is their doctor's email and their relation is their doctor.
            if data['user_type'] == '1':
                data['token'] = data['email']
            else:
                # Look up the doctor by the email the patient supplied as token
                doctor = PHRUser.objects.get(email=data['token'])
                data['phr_relate'] = doctor.id
                data['token'] = ''
            new_user = form.save(data)
        return HttpResponseRedirect('/')

Then in your views you can implement a utility function such as:

def user_relation(request, owner):
    # True when the logged-in user's email matches the owner's email or token, False otherwise
    return (request.user.email == owner.email) or (request.user.email == owner.token)

Pass in the user object of the owner of the records as owner and the function will:

  • Return True if the logged-in user is a doctor and they are trying to view their authorized patients' records
  • Return True if the logged-in user is a patient and they are trying to view their own records
  • Return False otherwise

You can use this function as a check to see what you should show for this request in your view.

You will probably need to do some tinkering around to get this right for your implementation, but this should get you started.

Dan Hoerst
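
Added example, not part of the original answer: a plain-Python comparison of the email/token check with one keyed on primary keys and `phr_relate`, run over constructed accounts. The `User` dataclass and `compare()` are stand-ins introduced here; it assumes patients are stored with `token == ''` as the registration view sets it, and that an account can have a blank email (`AbstractUser.email` allows it).

```python
from dataclasses import dataclass
from typing import Optional

DOCTOR, PATIENT = "1", "2"  # same values as USER_CHOICES in the answer


@dataclass
class User:
    """Stand-in for PHRUser with only the fields the check needs (constructed)."""
    id: int
    email: str
    user_type: str
    token: str = ""
    phr_relate_id: Optional[int] = None  # pk of the patient's doctor


def user_relation_by_email(user: User, owner: User) -> bool:
    """The comparison from the answer: match on email or token strings."""
    return user.email == owner.email or user.email == owner.token


def user_relation_by_fk(user: User, owner: User) -> bool:
    """Match on primary keys and the phr_relate link, never on strings."""
    if user.id == owner.id:
        return True  # a user viewing their own records
    return (
        user.user_type == DOCTOR
        and owner.user_type == PATIENT
        and owner.phr_relate_id is not None
        and owner.phr_relate_id == user.id
    )


# Constructed sample accounts.
dr_a = User(1, "a@clinic.example", DOCTOR, token="a@clinic.example")
dr_b = User(2, "b@clinic.example", DOCTOR, token="b@clinic.example")
patient = User(3, "p@mail.example", PATIENT, token="", phr_relate_id=dr_a.id)
no_email = User(4, "", PATIENT, token="", phr_relate_id=dr_b.id)


def compare():
    """Return {requester: (email_check, fk_check)} for access to `patient`."""
    users = {"dr_a": dr_a, "dr_b": dr_b, "patient": patient, "no_email": no_email}
    return {n: (user_relation_by_email(u, patient), user_relation_by_fk(u, patient))
            for n, u in users.items()}


if __name__ == "__main__":
    print(compare())
```

With these accounts the string comparison denies the patient's own doctor and admits the blank-email account, while the key-based check grants only the patient and their linked doctor.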