Architecture
Core Functions
auth-operations
- Purpose: User authentication and profile management
- Technology: Supabase Auth with custom logic
- Service Integration: AuthService
- Key Functions:
- Create clinic and user profiles
- User invitations and onboarding
- Password reset operations
- User management (deactivate, update)
- MFA setup and verification
patient-operations
- Purpose: Comprehensive patient data management
- Technology: PostgreSQL with PHI protection and shared validation
- Service Integration: PatientService
- Key Functions:
- Create and update patient records
- Patient data retrieval with clinic isolation
- Patient full details including health metrics, prescriptions, and titration logs
- Patient deletion with audit trail
- NHS number validation
- Monitoring configuration management
clinical-prescription-operations
- Purpose: Prescription management and workflow
- Technology: PostgreSQL with controlled substance monitoring
- Service Integration: PrescriptionService
- Key Functions:
- Create prescription orders
- Save prescription payment data
- Prescription workflow management
- Order validation and compliance
- Prescription item management
clinical-medication-operations
- Purpose: Comprehensive medication management
- Technology: PostgreSQL with real-time updates and shared validation
- Service Integration: MedicationService
- Key Functions:
- Medication library management
- Active medication tracking for patients
- Stock movement tracking
- Medication change detection
- Clinical pathway integration
Feature Functions
clinical-payment-operations
- Purpose: Comprehensive payment processing and tracking
- Technology: PostgreSQL with Stripe integration and shared validation
- Service Integration: PaymentService
- Key Functions:
- Payment settings management (bank accounts, processing settings)
- Authorization payment processing (capture, cancel)
- Order payment details retrieval
- Prescription payment saving
- Clinic payout management
- Payment fees configuration
- Stripe payment intent processing
clinical-shipment-operations
- Purpose: Comprehensive medication delivery management
- Technology: PostgreSQL with shipment tracking and shared validation
- Service Integration: ShipmentService
- Key Functions:
- Shipment creation with prescriptions
- Delivery status updates
- Shipment arrival marking
- Contents verification
- Prescription reassignment
- Clinic and pharmacy shipment listing
- DHL API integration
clinical-delivery-operations
- Purpose: Delivery fee configuration and management
- Technology: PostgreSQL with clinic-specific delivery settings
- Service Integration: DeliveryService
- Key Functions:
- Delivery fee retrieval with default creation
- Clinic-specific delivery fee updates
- Delivery cost configuration
- Shipping price management
clinical-pharmacy-operations
- Purpose: Pharmacy order management and statistics
- Technology: PostgreSQL with pharmacy-specific operations
- Service Integration: PharmacyService
- Key Functions:
- Order management for pharmacies
- Shipment tracking for pharmacy operations
- Label generation for pharmacy orders
- Pharmacy statistics and reporting
- Prescriber activity reports
- Controlled drugs register management
clinical-request-operations
- Purpose: Patient app request management
- Technology: PostgreSQL with request workflow processing
- Service Integration: PatientRequestService
- Key Functions:
- Patient app request creation and management
- Review workflows for clinical staff
- Request status tracking
- Integration with prescription workflow
clinical-address-operations
- Purpose: Address validation and management
- Technology: UK postcode lookup integration
- Service Integration: AddressService
- Key Functions:
- UK postcode lookup and validation
- Address formatting and standardization
- Pickup address management
- Address history tracking
clinical-clinic-operations
- Purpose: Clinic settings and configuration
- Technology: PostgreSQL with clinic-specific settings
- Service Integration: ClinicService
- Key Functions:
- Clinic settings management
- Configuration updates
- Clinic-specific preferences
- Multi-clinic support
Specialized Functions
generate-medication-image
- Purpose: Medication image generation and management
- Technology: Image processing with Supabase storage
- Key Functions:
- Medication image creation
- Image storage management
- Visual medication library
- Asset optimization
prescription-notifications
- Purpose: Email and push notification system for prescription lifecycle events
- Technology: Deno with SendGrid and Expo Push integration
- Key Functions:
- Send email notifications via SendGrid
- Send push notifications via Expo
- Patient preference checking
- Event-based notification triggering (request_created, prescribed, etc.)
send-email
- Purpose: Email service integration
- Technology: SendGrid API integration
- Key Functions:
- Email template management
- Email delivery tracking
- Bounce and complaint handling
- Clinic branding support
send-push-notification
- Purpose: Push notification service
- Technology: Expo Push API integration
- Key Functions:
- Push notification delivery
- Device token management
- Notification preferences
- Delivery tracking
Service Layer Integration
Architecture Benefits
- Type Safety: All functions use Zod validation for inputs
- Consistent Error Handling: Shared error handling patterns
- Service Mapping: Each function corresponds to a specific service
- Centralized Logic: Business logic centralized in services
- Testability: Functions can be tested independently
Request Flow
- Frontend → Service Layer (PatientService, PrescriptionService, etc.)
- Service Layer → Edge Function (clinical-patient-operations, etc.)
- Edge Function → Database operations with validation
- Response → Service Layer → Frontend
Error Handling
- Timeout Protection: 10-30 seconds per function
- Security Incident Logging: Comprehensive audit trail
- Sanitized Error Responses: User-friendly error messages
- Performance Monitoring: Function call duration tracking
Security Implementation
Authentication Headers
All functions require JWT authentication with specific compliance headers:X-PHI-Protection: Patient data protectionX-NHS-Compliance: NHS regulatory complianceX-Controlled-Drug-Monitoring: Prescription monitoringX-Audit-Level: Compliance audit requirements
Row Level Security
- Service Role Permissions: Functions use service_role for database access
- RLS Policy Enforcement: All data access filtered by clinic/user
- Data Isolation: Complete separation between clinics
- Audit Trail: All operations logged for compliance
Monitoring
- Function Call Duration: Performance tracking
- Success/Failure Rates: Reliability monitoring
- Security Incident Detection: Anomaly detection
- Console Logging: Development debugging support
All edge functions integrate with the service layer architecture and use consistent error handling, validation, and security patterns