API Overview
The JagWell application provides a RESTful API for managing wellness data, patients, treatments, and user accounts. All endpoints require authentication with a JWT sent in the Authorization header, apart from POST /api/auth/login, which issues the token.
Authentication API
POST /api/auth/login
Description: Authenticate a user and return a JWT token
Request Body:
{
  "username": "string",
  "password": "string"
}
Response:
{
  "token": "JWT token string",
  "user": {
    "id": number,
    "username": "string",
    "role": "string"
  }
}
POST /api/auth/logout
Description: Logout the current user
Requires: Valid JWT token in Authorization header
Response:
{
  "message": "Logged out successfully"
}
GET /api/auth/me
Description: Get information about the current user
Requires: Valid JWT token in Authorization header
Response:
{
  "user": {
    "id": number,
    "username": "string",
    "role": "string",
    "firstName": "string",
    "lastName": "string",
    "email": "string"
  }
}
Doctor API Endpoints
GET /api/doctor/patients
Description: Get list of patients with search, sort, and pagination
Query Parameters:
- search (optional): Search by patient name or ID
- status (optional): Filter by patient status ('Student', 'Staff', or 'all')
- sort (optional): Sort by 'name', 'id', or 'status' (default is 'name')
- page (optional): Page number for pagination (default is 1)
- limit (optional): Items per page (default is 10, max is 100)
Requires: Valid JWT token in Authorization header
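Added example, not JagWell's own code: one way a handler could validate the query parameters of GET /api/doctor/patients against the values listed above before they reach a database query. The function names, the 'all' default for status and the 100-character bound on search are assumptions; the reference does not state them.

```javascript
// Added example (not JagWell source). Allow-listing "sort" matters most: a value
// that selects an ORDER BY column cannot be bound as a query parameter.
const SORT_FIELDS = new Set(['name', 'id', 'status']);
const STATUS_VALUES = new Set(['Student', 'Staff', 'all']);
const MAX_SEARCH_LEN = 100; // assumption: the reference gives no length bound
const MAX_LIMIT = 100;      // from the reference: "max is 100"

function parseIntStrict(value, fallback, name) {
  if (value === undefined) return fallback;
  // Plain decimal digits only: rejects "1e3", "-1", "10abc" and the array
  // a query parser produces for a repeated key such as ?page=1&page=2.
  if (typeof value !== 'string' || !/^[0-9]{1,9}$/.test(value)) {
    throw new RangeError(`${name} must be a positive integer`);
  }
  const n = Number(value);
  if (n < 1) throw new RangeError(`${name} must be a positive integer`);
  return n;
}

function parsePatientQuery(query) {
  const sort = query.sort === undefined ? 'name' : query.sort;
  if (!SORT_FIELDS.has(sort)) throw new RangeError('sort must be name, id or status');

  // Assumption: a missing status means no filter ('all').
  const status = query.status === undefined ? 'all' : query.status;
  if (!STATUS_VALUES.has(status)) {
    throw new RangeError('status must be Student, Staff or all');
  }

  let search = '';
  if (query.search !== undefined) {
    if (typeof query.search !== 'string') throw new RangeError('search must be a string');
    search = query.search.trim();
    if (search.length > MAX_SEARCH_LEN) throw new RangeError('search is too long');
  }

  const page = parseIntStrict(query.page, 1, 'page');
  // Clamp rather than reject, so an oversized request still gets one bounded page.
  const limit = Math.min(parseIntStrict(query.limit, 10, 'limit'), MAX_LIMIT);
  return { search, status, sort, page, limit, offset: (page - 1) * limit };
}
```

The returned search string is still untrusted data and belongs in a bound parameter, never in concatenated query text.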
GET /api/doctor/patients/dropdown
Description: Get all patients for dropdown selection (includes Student ID)
Requires: Valid JWT token in Authorization header
GET /api/doctor/patient/:id/records
Description: Get all records for a specific patient
Parameters: id (patient ID)
Requires: Valid JWT token in Authorization header
POST /api/doctor/patients
Description: Create new patient (includes optional Student ID field for school records)
Request Body:
{
  "firstName": "string",
  "lastName": "string",
  "email": "string",
  "phone": "string",
  "studentId": "string (optional)",
  "age": "number",
  "dob": "date string",
  "sex": "string",
  "ethnicity": "string",
  "bloodType": "string",
  "status": "string ('Student' or 'Staff')"
}
Requires: Valid JWT token in Authorization header
POST /api/doctor/wellness
Description: Create new wellness record
Request Body:
{
  "patientId": "number",
  "date": "datetime string (optional, defaults to now)",
  "heartRate": "number (optional)",
  "temperature": "number (optional)",
  "pulse": "number (optional)",
  "bloodPressure": "string (optional)",
  "sleepHours": "number (optional)",
  "studyHours": "number (optional)",
  "exerciseMinutes": "number (optional)",
  "mood": "string (optional)",
  "complaint": "string (optional)",
  "followUpDate": "date string (optional)",
  "referralTo": "string (optional)",
  "programCode": "string (optional)",
  "comments": "string (optional)"
}
Requires: Valid JWT token in Authorization header
PUT /api/doctor/wellness/:id
Description: Update wellness record
Parameters: id (record ID)
Request Body: Same as POST /api/doctor/wellness
Requires: Valid JWT token in Authorization header
GET /api/doctor/treatments
Description: Get all treatments for dropdown selection
Requires: Valid JWT token in Authorization header
POST /api/doctor/treatments
Description: Create new treatment
Request Body:
{
  "description": "string",
  "category": "string (default is 'Treatment')"
}
Requires: Valid JWT token in Authorization header
PUT /api/doctor/treatments/:id
Description: Update treatment
Parameters: id (treatment ID)
Request Body: Same as POST /api/doctor/treatments
Requires: Valid JWT token in Authorization header
POST /api/doctor/record-treatments
Description: Link treatment to wellness record
Request Body:
{
  "recordId": "number",
  "treatmentId": "number",
  "details": "string (optional)",
  "startDate": "date string (optional)",
  "endDate": "date string (optional)"
}
Requires: Valid JWT token in Authorization header
PUT /api/doctor/record-treatments/:id
Description: Update record-treatment link
Parameters: id (record-treatment ID)
Request Body: Same as POST /api/doctor/record-treatments
Requires: Valid JWT token in Authorization header
Admin API Endpoints
GET /api/admin/users
Description: Get all users
Requires: Valid JWT token in Authorization header (Admin role required)
GET /api/admin/users/:id
Description: Get a single user by ID
Parameters: id (user ID)
Requires: Valid JWT token in Authorization header (Admin role required)
POST /api/admin/users
Description: Create new user (admin only)
Request Body:
{
  "username": "string",
  "password": "string",
  "role": "string ('Admin', 'Doctor', or 'Student')",
  "firstName": "string (optional)",
  "lastName": "string (optional)",
  "email": "string (optional)"
}
Requires: Valid JWT token in Authorization header (Admin role required)
PUT /api/admin/users/:id
Description: Update user information (excluding ID)
Parameters: id (user ID)
Request Body:
{
  "username": "string (optional)",
  "role": "string (optional)",
  "firstName": "string (optional)",
  "lastName": "string (optional)",
  "email": "string (optional)"
}
Requires: Valid JWT token in Authorization header (Admin role required)
DELETE /api/admin/users/:id
Description: Delete user and reassign wellness records to system user (ID 0)
Parameters: id (user ID)
Requires: Valid JWT token in Authorization header (Admin role required)
PUT /api/admin/patients/:id
Description: Update patient information (excluding P_ID)
Parameters: id (patient ID)
Request Body:
{
  "name": "string (optional)",
  "studentId": "string (optional)",
  "age": "number (optional)",
  "dob": "date string (optional)",
  "sex": "string (optional)",
  "ethnicity": "string (optional)",
  "phone": "string (optional)",
  "bloodType": "string (optional)",
  "status": "string (optional)"
}
Requires: Valid JWT token in Authorization header (Admin role required)
PUT /api/admin/wellness/:id
Description: Update wellness record (excluding Record_ID, U_ID, P_ID)
Parameters: id (record ID)
Request Body: Same as POST /api/doctor/wellness
Requires: Valid JWT token in Authorization header (Admin role required)
PUT /api/admin/treatments/:id
Description: Update treatment description (excluding T_ID)
Parameters: id (treatment ID)
Request Body:
{
  "description": "string"
}
Requires: Valid JWT token in Authorization header (Admin role required)
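Added example, not JagWell's own code: a body allow-list for the four admin PUT endpoints above, so that the identifiers each description excludes, and any field the reference does not list, cannot be written through an update. The function and resource names are assumptions; the wellness list is the POST /api/doctor/wellness body without patientId, following the "excluding Record_ID, U_ID, P_ID" note.

```javascript
// Added example (not JagWell source): reject update bodies that carry fields
// outside the documented request body for each admin PUT endpoint.
const ROLES = ['Admin', 'Doctor', 'Student']; // from POST /api/admin/users
const UPDATABLE = new Map([
  ['users', ['username', 'role', 'firstName', 'lastName', 'email']],
  ['patients', ['name', 'studentId', 'age', 'dob', 'sex', 'ethnicity', 'phone',
    'bloodType', 'status']],
  // POST /api/doctor/wellness body minus patientId (P_ID is excluded on update).
  ['wellness', ['date', 'heartRate', 'temperature', 'pulse', 'bloodPressure',
    'sleepHours', 'studyHours', 'exerciseMinutes', 'mood', 'complaint',
    'followUpDate', 'referralTo', 'programCode', 'comments']],
  ['treatments', ['description']],
]);

function filterUpdate(resource, body) {
  const allowed = UPDATABLE.get(resource);
  if (!allowed) throw new TypeError(`unknown resource: ${resource}`);
  if (body === null || typeof body !== 'object' || Array.isArray(body)) {
    throw new TypeError('body must be a JSON object');
  }
  // Object.keys sees only own properties, including a literal "__proto__" key
  // produced by JSON.parse, so that key is rejected like any other unknown field.
  const rejected = Object.keys(body).filter((key) => !allowed.includes(key));
  if (rejected.length > 0) {
    // Fail loudly: silently dropping "id" or "password" hides client bugs.
    throw new RangeError(`not updatable on ${resource}: ${rejected.join(', ')}`);
  }
  if (resource === 'users' && body.role !== undefined && !ROLES.includes(body.role)) {
    throw new RangeError('role must be Admin, Doctor or Student');
  }
  // Copy into a prototype-less object so later lookups see only these keys.
  const update = Object.create(null);
  for (const key of Object.keys(body)) update[key] = body[key];
  return update;
}
```

The result is safe to map onto column names one by one; the record to update is still chosen by the :id path parameter alone.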
DELETE /api/admin/treatments/:id
Description: Delete treatment only if not referenced in RECORD_TREATMENT
Parameters: id (treatment ID)
Requires: Valid JWT token in Authorization header (Admin role required)
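Added example, not JagWell's own code: the "Requires" lines of this reference written as a deny-by-default access table, which can be used to check that a server answers 401, 403 and 404 where the documentation implies it should. It assumes the claims object comes from a JWT whose signature and expiry were already verified, that :id is numeric, and the level and function names are illustrative.

```javascript
// Added example (not JagWell source): every documented route, grouped by the
// access level its "Requires" line states. Anything not listed is denied.
const ROUTES = {
  public: ['POST /api/auth/login'],
  authenticated: ['POST /api/auth/logout', 'GET /api/auth/me',
    'GET /api/doctor/patients', 'GET /api/doctor/patients/dropdown',
    'GET /api/doctor/patient/:id/records', 'POST /api/doctor/patients',
    'POST /api/doctor/wellness', 'PUT /api/doctor/wellness/:id',
    'GET /api/doctor/treatments', 'POST /api/doctor/treatments',
    'PUT /api/doctor/treatments/:id', 'POST /api/doctor/record-treatments',
    'PUT /api/doctor/record-treatments/:id'],
  adminOnly: ['GET /api/admin/users', 'GET /api/admin/users/:id',
    'POST /api/admin/users', 'PUT /api/admin/users/:id',
    'DELETE /api/admin/users/:id', 'PUT /api/admin/patients/:id',
    'PUT /api/admin/wellness/:id', 'PUT /api/admin/treatments/:id',
    'DELETE /api/admin/treatments/:id'],
};

// Turn "PUT /api/x/:id" into an anchored regex; ":id" matches digits only
// (assumption: all IDs are numeric, as the request bodies suggest).
function compile(route) {
  const [method, pattern] = route.split(' ');
  const source = pattern.split('/').map((seg) => (seg.startsWith(':')
    ? '[0-9]+'
    : seg.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'))).join('/');
  return { method, re: new RegExp(`^${source}$`) };
}

const TABLE = Object.entries(ROUTES).flatMap(([level, routes]) =>
  routes.map((route) => ({ level, ...compile(route) })));

// Returns the HTTP status an access check should produce.
// "path" is the URL pathname only; "claims" is null when no valid token was sent.
function decide(method, path, claims) {
  const hit = TABLE.find((r) => r.method === method && r.re.test(path));
  if (!hit) return 404;                 // undocumented method/path: deny by default
  if (hit.level === 'public') return 200;
  if (!claims) return 401;              // missing or invalid token
  if (hit.level === 'adminOnly' && claims.role !== 'Admin') return 403;
  return 200;
}
```

The /api/doctor routes sit under `authenticated` because the reference states only a valid token for them; if the server restricts them by role, they belong in a level of their own.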