Configuration - Asymmetrik/node-fhir-server-core Wiki

Overview

The config drives the entire server. We try to make it easy to adopt this solution by passing in which part of the server you want to use. There are 3 main sections of the config.

Auth

NOTE: This section may change slightly as we work on some optional integrations and see what works best for the most use cases.

This section of the config drives the authentication and authorization layer of the server. If you are using SMART on FHIR we provide a passportjs strategy and authorization middleware you can use out of the box with just some minor configurations. We also allow you to provide your own custom passport strategy. Both authentication and authorization are disabled by default for development sake. To run them on you just need to provide a few options outlined below.

Please see the Access Control wiki for a step by step guide to enable it in your application or how to add your own custom setup.

Server

This section of the config sets up the Express framework and certain middleware. You can specify which port your app runs on, the cors options, and ssl support. For more information, scroll down to the description of each property below.

Profiles

This section of the config sets up which version of the FHIR specification you want to support and which resource from that version you want to support. You can support multiple versions. The core library will automatically set up all of the routes and required parameters for each version and resource.

Configurations

Here is an example config with all the currently supported options. See descriptions below.

{
	auth: {
		type: 'auth-type',
                strategy: {
                        name: 'bearer',
                        useSession: false,
                        service: 'path/to/authentication.service.js'
                }
	},
	server: {
		port: 3000,
		corsOptions: {
			maxAge: 86400
		},
		sessionStore: null,
		ssl: {
			key: 'path/to/key.pem',
			cert: 'path/to.cert.pem'
		},
		publicDirectory: '/path/to/public'
	},
	logging: {
		level: 'debug'
	},
        events: {
                auditEvent: service.writeAuditEventRecords,
                provenance: service.writeProvenanceRecords,
        },
	profiles: {
		patient: {
			service: './patient/patient.controller',
                        versions: [ VERSIONS.STU3 ],
			corsOptions: {
				// Have a different max age for all the routes in the patient profile
				maxAge: 3600
			}
		},
		observation: {
			service: require('./observation/observation.controller'),
                        versions: [ VERSIONS.STU3 ]
			corsOptions: {
				// Disable cors on this profile, maybe this is for internal use only
				origin: false
			}
		}
	}
}

auth.type

auth.strategy

auth.strategy.name

auth.strategy.useSession

auth.strategy.service

server.port

server.corsOptions

server.sessionStore

const session = require('express-session');
const expressSessionStore = session({
	resave: true,
	saveUninitialized: true,
	secret: appConfig.auth.sessionSecret,
	cookie: appConfig.auth.sessionCookie,
	store: new MongoStore({
		mongooseConnection: connection,
		collection: appConfig.auth.collection
	})
});

const fhirConfig = {
	server: {
		sessionStore: expressSessionStore
	}
}

server.ssl.key

server.ssl.cert

server.publicDirectory

logging.level

Currently this is the only logging configuration supported. We use Winston for logging and will eventually add support for more options.

events.auditEvent

Subscribe to incidents that create audit events.

// In config object
{
	events: {
		// This function is inlined just for the example, probably better to have in a service somewhere
		auditEvent: function (auditEventResource) {
			// insert the resource into your DB here
		}
	}
}

events.provenance

Subscribe to incidents that create provenance resources.

// In config object
{
	events: {
		provenance: function (provenanceResource) {
			// insert the resource into your DB here
		}
	}
}

profiles[key]

All profiles configurations are defined in the profile section, Profile. There are also examples of them in the Getting Started section of the Profiles wiki page.