Project - Hybrid App with Image Processing

im-Amitto · April 25, 2020, 10:13pm

Ok, i will just store the credentials for now

im-Amitto · April 25, 2020, 10:14pm

I would like to help you fixing the blank screen but can you provide me with a few more details.

gutiersa · April 26, 2020, 7:13pm

yes please. But I will create a new thread.

dixonwhitmire · April 26, 2020, 7:37pm

Just to add . . If the OpenEMR community does take on implementing OpenID/OAuth2 down the line, it may be best to factor out that functionality into separate project to keep things modular. If the solution is deemed to be too heavy a lift, there may be a viable and secure alternative in the Android/mobile eco-system. Unfortunately I don’t work in the mobile space so I don’t have firsthand experience with the solutions.

im-Amitto · April 27, 2020, 3:29am

That’s right thing to do

gutiersa · April 29, 2020, 4:35am

Hi, here is the new thread:

thanks a lot
Sandra

im-Amitto · April 30, 2020, 2:48am

@brady.miller @sjpadgett @stephenwaite @RachelEllison
Check this out. It’s just a first step toward ocr support. For now i am planning to using it for reading medicine name but it can be used at many other places. Also, i have just completed the chat UI, currently it’s missing the backend so not posting it for now.
Language: Go

im-Amitto · April 30, 2020, 9:25am

@brady.miller @sjpadgett @stephenwaite @RachelEllison
A New update:
Heart beat monitor. It’s ready to use but i will update it for better accuracy.

im-Amitto · May 5, 2020, 11:52am

@yashrajbothra @stu01509
What you think about a video call with mentors who helped us in achieving this feat.

yashrajbothra · May 5, 2020, 2:28pm

Sounds Amazing Eitherway we can join weekly zoom call this saturday

stu01509 · May 5, 2020, 9:04pm

Sound great, If mentors needed video call, I can participant

im-Amitto · May 6, 2020, 5:59pm

@brady.miller I am planning to build a stable version by end of this week and based on the app features i do need a login API for patients too but i am not sure if an API is available and if it’s what kind of data a patient have access to.

brady.miller · May 6, 2020, 7:58pm

hi @im-Amitto , I’ve been putting some thought into adding patient support to the current API. Considering adding another route (api/fhir/portal) that would support calls by patients. It would follow same login/permissions as current patient portal. It will force us to encapsulate the current patient portal authentication steps, which is something I’ve wanted to do for awhile (such as was done for the core/api auth in src/Common/Auth/AuthUtils.php awhile back). Plan to play around with this idea over next week or so.

sjpadgett · May 9, 2020, 1:11pm

Here very soon i’m going to be adding new authentication flows to openemr.
Plan is to support OpenId Connect, Password and Client grants types.
Will add roles to login such as:

Server
Patient
User
API
Application

OpenEMR will provide our own Auth provider for security and MFA. Luckily our current ACL engine gives us a good start.

Further discussion will be here: Authentication Improvements
Please jump in…

zerai · May 9, 2020, 2:27pm

Hi,
if you’re referring to phpGACL library, I think it should be removed entirely
it is an abandoned project since 2006.
Why build the future of openemr on a dead thing?

sjpadgett · May 9, 2020, 2:52pm

Project may be dead but code is not. ACL if perfectly fine where we maintain the project.
I looked at replacing this several years back and decided umm, not me!

However, if you want to take a shot at it, okay.

@zerai
Oh, a side note. I test integrated your composer modules farm awhile back and found it very useful.(just a couple integration issues)
I’d still like to see it brought into OpenEMR if you’d be willing to do the PR

zerai · May 9, 2020, 3:52pm

If the problem is “human resource,” I’m with you, leave the library inside openemr.
But you should consider that “security” is the fastest sector/area in IT, it evolves on a daily basis, every year there is a new standard, openemr maintainers are able (in human cost terms) to follow that velocity? I hope, but it’s hard to believe because you need a working person only and exclusively for that.

In a few words, when you or Brady update the library code is for application need (login system, or other things). There is no update t external reasons like IT security standard OSWAP or other standards, new threats.

In the long term, the effort to integrate new security&auth features (stateless, OAuth, openId, ecc…) on old and not maintained library with bug is much bigger than a replacement with a well modern and maintained sec. Library. IMHO (pay the cost once VS pay forever)

Check the result on sonarcloud there are a couple versions of openemr, see the warning/stats/score in the security area.

(Sorry for typos, English is not my language)

zerai · May 9, 2020, 4:11pm

I can give you admin auth for update or if you want move the repo…

brady.miller · May 10, 2020, 8:21am

@sjpadgett ,
I was gonna play around with making a new api route table (and other pieces) portal akin to api/fhir for support of a patient specific api. Does that make sense? Shouldn’t step on what your doing and there’s a good chance my work may end up in the wastebasket anyways

im-Amitto · May 10, 2020, 8:45am

Let me know if i can help in some way