Skip to content

Resolve "feat: Track logout for all users (volunteers, doctors)"

Shanmukha varma Lanke requested to merge logout-tracking into develop

Merge Request

Overview

This MR implements login and logout time tracking for users attending medical camps. It extends the existing camp attendance functionality to record when a user enters and leaves a camp. This helps administrators monitor staff availability and participation during medical camps.

What does this MR do and why?

feat(camps): implement login/logout time tracking for camp attendance

This change introduces login and logout time tracking for users participating in medical camps. Previously the system only stored whether a user attended a camp but did not track when they entered or exited the camp.

This feature improves monitoring and accountability by recording login and logout timestamps for doctors, volunteers, coordinators, and admins attending a medical camp.

The implementation extends the existing attendance update logic without breaking existing APIs. When the attendance endpoint is called:

  • If login_time is not set → the current time is stored as login_time
  • If login_time exists and logout_time is null → the current time is stored as logout_time
  • If both exist → the existing record is returned without duplicate updates

Changes Made

  • Added database migration to include login_time and logout_time fields in the camp_visits table
  • Updated CampVisit SQLAlchemy model with new timestamp fields
  • Extended update_user_attendance service logic to handle login/logout tracking
  • Updated unit tests to reflect the new response structure and behavior
  • Ensured backward compatibility with existing attendance APIs

Technical Details

Database Changes:

  • Added two nullable timestamp columns:
    • login_time
    • logout_time

Service Logic:

  • Login time is recorded when attendance is first updated
  • Logout time is recorded when attendance is updated again
  • Duplicate updates are prevented if both timestamps already exist

Architecture: No new API endpoints were introduced. The existing endpoint was extended:

PUT /api/v1/medical-camps/camp/{user_id}/attendance

Type of Change

  • 🐛 Bug fix (non-breaking change that fixes an issue)
  • New feature (non-breaking change that adds functionality)
  • 💥 Breaking change (fix or feature that would cause existing functionality to change)
  • 📝 Documentation update
  • ️ Refactor (no functional changes)
  • Performance improvement
  • 🧪 Test update
  • 🔧 Configuration change
  • 🚨 Security fix
  • 🗑️ Deprecation (removing deprecated code)

Related Issues / References

Closes the feature request for tracking login and logout time for users attending medical camps.

Screenshots or Screen Recordings

Screenshot_from_2026-04-12_12-06-55 Example API test using curl:

curl -X PUT "http://127.0.0.1:8000/api/v1/medical-camps/camp/{user_id}/attendance" \
-H "Authorization: Bearer <ACCESS_TOKEN>"

Example response:

{
 "success": true,
 "message": "Attendance updated successfully",
 "camp_visit_id": "7391665d-eec7-45d0-bc17-eb5090a82ee5",
 "user_id": "ec9ced19-4cb4-4dbd-84b7-cf6647585f28",
 "camp_id": "11",
 "attendance": true
}

How to Validate Locally

  1. Run database migrations
alembic upgrade heads
  1. Start the FastAPI server
uvicorn app.main:app --reload
  1. Login to obtain an access token
curl -X POST "http://127.0.0.1:8000/api/v1/auth/login"
  1. Call the attendance endpoint
curl -X PUT "http://127.0.0.1:8000/api/v1/medical-camps/camp/{user_id}/attendance" \
-H "Authorization: Bearer <ACCESS_TOKEN>"
  1. Verify login/logout timestamps in the database
SELECT user_id, login_time, logout_time
FROM camp_visits;

Testing Done

  • Unit tests added/updated
  • API endpoint tests passing

Test Cases Covered:

Scenario Expected Result Status
User attends camp first time login_time recorded
User leaves camp logout_time recorded
User not registered for camp error returned
Duplicate attendance update no duplicate login/logout

Test Commands Run:

pytest
pytest --cov=app

Code Quality Checklist

Code Standards

  • Code follows project conventions
  • No debug statements left
  • No unused imports
  • No duplicate code
  • Type hints used
  • Ruff checks pass

Python & FastAPI Best Practices

  • Functions follow single-responsibility principle
  • Dependency injection used
  • Pydantic models used
  • SQLAlchemy ORM used
  • Error handling implemented

API Design

  • RESTful conventions followed
  • Proper HTTP responses returned
  • Input validation implemented
  • Authentication enforced
  • Role based access control enforced

Database & Migrations

  • Database migration created
  • Migration points to latest revision
  • Downgrade script included
  • ORM used (no raw SQL)

Security

  • No sensitive data logged
  • ORM prevents SQL injection
  • Token-based authentication enforced

Error Handling

  • Errors handled gracefully
  • Proper error responses returned

Documentation

  • README update not required
  • No new environment variables introduced
  • API documentation automatically updated via FastAPI OpenAPI

Known Limitations / Technical Debt

Currently login and logout tracking relies on the attendance update endpoint. Future improvements may introduce dedicated login/logout endpoints for better audit tracking.

Additional Notes

This implementation maintains backward compatibility with existing camp attendance APIs while introducing login/logout time tracking functionality.

MR Acceptance Checklist

Quality & Correctness

  • Code works as intended and solves the problem
  • No existing functionality broken
  • Edge cases handled

Maintainability

  • Code is readable and well-organized
  • Code is testable and tested
  • Follows project conventions

Acceptance Review

  • Reviewed by at least 1 teammate
  • Reviewed by product owner

closes #93 (closed)

Edited by Vandana reddy Balannagari

Merge request reports