Add a complete contact form system with the following changes:
- Create ContactMessage model to store form submissions with tracking fields (is_read, is_responded)
- Implement ContactMessage admin interface with custom actions, filters, and bulk operations
- Add contact endpoint documentation to API root view
- Update email configuration to use admin@attunehearttherapy.com as sender address
This enables users to submit contact inquiries and allows administrators to track and manage these messages efficiently through the Django admin panel.
- Change support email from hello@attunehearttherapy.com to admin@attunehearttherapy.com across all email templates
- Remove support contact section from admin notification template
- Standardize email addresses by hardcoding admin email in templates
- Remove unused CSS comment from base email template
This ensures consistent support contact information across the application and directs user inquiries to the appropriate admin channel.
- Increase max_length from 100 to 255 for first_name and last_name encrypted fields
- Increase phone field max_length from 20 to 255 to accommodate encryption overhead
- Add 'id' field to AppointmentRequest admin list_display for easier reference
- Remove redundant docstring from _convert_to_datetime method
The increased field lengths ensure adequate storage for encrypted data, which typically requires more space than plaintext values.
- Install and configure drf-spectacular for OpenAPI/Swagger documentation
- Add Swagger UI endpoints at /api/schema/ and /api/docs/
- Configure SPECTACULAR_SETTINGS with API metadata
- Refactor meetings views from function-based to class-based views
(ScheduleAppointmentView, RejectAppointmentView, AvailableDatesView,
UserAppointmentsView, AppointmentStatsView, UserAppointmentStatsView)
- Update URL patterns to use new class-based views
- Simplify ALLOWED_HOSTS configuration to accept all hosts
This improves API discoverability through interactive documentation
and modernizes the codebase by using class-based views for better
code organization and reusability.
```
refactor: update settings and Docker config for production
- Configure ALLOWED_HOSTS and CORS from environment variables for better security
- Switch default database from PostgreSQL to SQLite3 (PostgreSQL config commented)
- Simplify DEBUG environment variable handling
- Update Dockerfile to use Python 3.11 and gunicorn for production
- Add static file collection in Docker build process
- Add user appointment statistics endpoint (user_apointment_stats)
- Add .dockerignore to exclude unnecessary files from build
These changes improve production readiness by making critical settings
configurable via environment variables and using production-grade WSGI
server (gunicorn) instead of Django development server.
Add comprehensive API documentation for user management endpoints including profile updates, user listing, and admin user management features. Update appointment model to include additional status options (completed, cancelled) and add max_length constraint to email field. Change appointment creation endpoint to require user authentication instead of being public.
Changes:
- Add API docs for update_profile, get_profile, all-users endpoints
- Add API docs for activate-deactivate-user and delete-user admin endpoints
- Update appointment creation to require authentication
- Add 'completed' and 'cancelled' status options to Appointment model
- Add max_length constraint to EncryptedEmailField
- Regenerate initial migration with updated model definitions
- Enable meetings app in INSTALLED_APPS and add URL routing
- Switch from PostgreSQL to SQLite for default database configuration
- Remove meetings directory from .gitignore
- Move API root endpoint from users app to main URL configuration
- Remove HIPAA-specific email and compliance settings (EMAIL_ENCRYPTION_KEY, HIPAA_EMAIL_CONFIG, BAA_VERIFICATION)
- Add SITE_NAME and ENCRYPTION_KEY environment variables
- Regenerate initial user migrations
These changes simplify the development setup by using SQLite as the default database and removing complex compliance configurations while enabling the core meetings functionality.
Add comprehensive HIPAA compliance features and OTP-based authentication:
- Configure HIPAA email settings with AES-256 encryption standard
- Add secure portal URL and BAA verification configuration
- Implement OTP verification for user registration and password reset
- Add user model fields for email verification and password reset OTPs
- Configure templates directory in Django settings
- Add authentication flow endpoints with detailed documentation
- Update dependencies to support new security features
- Reorganize .gitignore for better structure
These changes ensure HIPAA compliance for healthcare data handling
with 6-year audit retention, secure email communications, and
multi-factor authentication capabilities.
