A fork of https://github.com/hicsail/anchor, modified for our purposes.
- For the sake of temporary simplicity, we are mainly implementing interactions with Mongo ourselves, rather than using the existing MongoModels provided as part of the Anchor framework. The javascripts for Mongo Models for our data have been created, but are not in use.
- Authentication for posting results consists of checking if the user's ID is currently in the session collection (known to be insecure, just being used for demoing).
- Authentication for retrieving patient info is also a simple post of the userID and ensuring the user is currently logged in. This is known to be blatantly insecure, but is a temporary solution for demo purposes. Next step is to integrate with Anchor's included authentication.
A user system API starter with a database administrative system. Bring your own front-end.
- Login system with forgot password and reset password
- Abusive login attempt detection
- User roles for analysts, clinicians, researchers, admins
- Analyst can view anonymized information
- Clinician can view information of specific users
- Researcher can view all information
- Admins can view update and delete all information
- Auto Backups
- Admin UI to view Database Records
- Custom Event Tracking
- User Feedback System
- Email Invites
- API Tokens
Anchor is built with the hapi framework. We're using MongoDB as a data store. This project was originally a fork from Frame
You need Node.js installed and you'll need MongoDB installed and running.
HICSAIL's Anchor uses bcrypt for hashing secrets, but we encountered issues and used [bcryptjs]. If you want to use [bcrypt] and have issues during installation, then referto this wiki
page.
$ git clone https://github.com/bu-else/2017-tbia-anchor.git
$ cd 2017-tbia-anchor
$ npm installSimply edit config.js. The configuration uses
confidence which makes it easy to
manage configuration settings across environments. Don't store secrets in
this file or commit them to your repository.
Instead, access secrets via environment variables. We use
dotenv to help make setting local
environment variables easy (not to be used in production).
Simply copy .env-sample to .env and edit as needed. Don't commit .env
to your repository.
WARNING: This will clear all data in several Mongo collections (use a new mongo database for this framework).
$ npm run first-time-setup
# > [email protected] first-time-setup /home/hicsail/projects/anchor
# > node first-time-setup.js
# MongoDB URL: (mongodb://localhost:27017/anchor)
# Root user email: [email protected]
# Root user password:
# Setup complete.$ npm start
# > [email protected] start /Users/hicsail/projects/anchor
# > ./node_modules/nodemon/bin/nodemon.js -e js,md server
# 09 Sep 03:47:15 - [nodemon] v1.10.2
# ...Now you should be able to point your browser to http://127.0.0.1:9000/ and see the welcome message.
nodemon watches for changes in server
code and restarts the app automatically.
$ node server.jsUnlike $ npm start this doesn't watch for file changes. Also be sure to set
these environment variables in your production environment:
NODE_ENV=production- This is important for many different optimizations.NPM_CONFIG_PRODUCTION=false- This tells$ npm installto not skip installingdevDependencies, which we may need to run the first time setup script.
MIT