Welcome to the Medical Appointments API
The Medical Appointments API is a production-ready Express.js REST API designed for managing medical appointments with comprehensive role-based access control. Built with modern technologies including Prisma ORM, PostgreSQL, and JWT authentication, it provides a robust foundation for healthcare scheduling systems.
Authentication & Authorization
Secure JWT-based authentication with role-based access control for Admins, Doctors, and Patients
Appointment Management
Complete appointment lifecycle management with status tracking (pending, confirmed, cancelled, completed)
Time Block System
Flexible time block creation and management allowing doctors to define their availability
Audit Logging
Comprehensive audit trail tracking all user actions and system events
System architecture
The API is built on a modern Node.js stack with the following key components:
- Express.js - Fast, unopinionated web framework for handling HTTP requests
- Prisma ORM - Type-safe database access with PostgreSQL
- JWT Authentication - Stateless authentication using JSON Web Tokens
- Joi Validation - Schema-based request validation
- Swagger/OpenAPI - Interactive API documentation
Role-based access control
The API implements three distinct user roles:
- Admin - Full system access, user management, and appointment oversight
- Doctor - Create time blocks, manage their appointments, and view patient reservations
- Patient - Book appointments, view their reservations, and manage their profile
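The role descriptions above scope Doctors and Patients to their own records, so a role check alone does not enforce them. The following is an added example, not the project's code: a deny-by-default check that combines role and ownership. The action names, role strings, `doctorId`/`patientId` fields and the `loadResource` callback are assumptions for illustration.

```javascript
'use strict';

// Constructed permission table (action names are assumptions, not the API's own).
// Scope "own": caller must be a party to the record. Scope "any": no ownership check.
const PERMISSIONS = {
  ADMIN:   { 'appointment:read': 'any', 'appointment:cancel': 'any', 'user:manage': 'any' },
  DOCTOR:  { 'timeblock:create': 'own', 'appointment:read': 'own', 'appointment:confirm': 'own' },
  PATIENT: { 'appointment:book': 'own', 'appointment:read': 'own', 'appointment:cancel': 'own' },
};

// Field on a record that identifies the caller as its owner, per role (assumed names).
const OWNER_FIELD = { DOCTOR: 'doctorId', PATIENT: 'patientId' };

// Own-property lookup, so role values such as "__proto__" never match inherited keys.
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// True only when the role grants the action and, for "own" scope, the record
// belongs to the caller. Unknown roles, unknown actions and missing ids are denied.
function isAllowed(user, action, resource) {
  if (!user || !has(PERMISSIONS, user.role)) return false;
  const grants = PERMISSIONS[user.role];
  if (!has(grants, action)) return false;
  if (grants[action] === 'any') return true;
  const field = OWNER_FIELD[user.role];
  if (!field || !resource || user.id == null) return false;
  return resource[field] === user.id;
}

// Express-style middleware factory. loadResource is a hypothetical callback that
// fetches the record being acted on (for example via Prisma) before the check runs.
function authorize(action, loadResource) {
  return async (req, res, next) => {
    try {
      const resource = loadResource ? await loadResource(req) : null;
      if (!isAllowed(req.user, action, resource)) {
        return res.status(403).json({ error: 'Forbidden' });
      }
      next();
    } catch (err) {
      next(err);
    }
  };
}
```

`req.user` is assumed to be populated by earlier middleware from the verified JWT, never from request parameters.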
Database schema
The system uses a relational database structure with four main models:
- User - Stores user accounts with role assignments and authentication data
- Appointment - Links patients and doctors with specific time blocks
- TimeBlock - Defines doctor availability slots
- AuditLog - Tracks all user actions for compliance and security
Get started
Quickstart
Get up and running in minutes with our step-by-step quickstart guide
Installation
Detailed installation instructions for production and development environments