In this update, we've focused on enhancing the overall user experience by fixing various frontend and backend bugs, improving security measures, and optimizing performance. Key updates include:
Fixes and Improvements
- Added admit patient button into the dashboard header
- Fixed a bug that prevents creating a sensor record without a password and updating the password of an existing record.
- Fixed a bug that displays wrong mobility value in the patient summary widget
- Fixed a bug that allows users to provide sensor URL credentials within the URL input
- Fixed a bug that allows the disabled delete button in the patient page header to show the confirmation popup.
- Optimized database with the increased number of connections & shared buffers
- Fixed a bug that caused a system error while resolving the notifications.
- Fixed a bug that caused incorrect device offline notifications.
- Improved API query performance.
- Fixed various API errors that cause inconsistent database records (e.g., patient sessions without rooms)
- Fixed a bug that caused an OK response on some API endpoints even though the related records never persisted.
- API endpoints now always return the patient reference key and always require a reference key when starting a new patient session.
- Developed new patient session standby and resume endpoints.
Security improvements
- Disabled outside access to internal endpoints
- Limited access to HTTP methods for the query API
- Configured identity system to store end-user events for up to 3 days for security auditing.
- Configured all backend services and identity services to require SSL for external connections.
- Cleaned up all static URLs to prevent additional security bugs.
- Fixed a possible security bug that may enable valid tokens without the required query role to access the query endpoint.
- Developed audit tables for sensor and department changes.
