Finished log in and sign up for volunteers and participants and linked it with the intake form

.github/workflows/backend-ci.yml

@@ -0,0 +1,214 @@
+name: Backend CI
+
+on:
+  push:
+    branches: [ main, develop ]
+    paths:
+      - 'backend/**'
+      - '.github/workflows/backend-ci.yml'
+  pull_request:
+    branches: [ main, develop ]
+    paths:
+      - 'backend/**'
+      - '.github/workflows/backend-ci.yml'
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        python-version: [3.12]
+
+    services:
+      postgres:
+        image: postgres:15
+        env:
+          POSTGRES_PASSWORD: testpassword
+          POSTGRES_USER: testuser
+          POSTGRES_DB: llsc_test
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v5
+      with:
+        python-version: ${{ matrix.python-version }}
+
+    - name: Install PDM
+      run: |
+        pip install pdm
+
+    - name: Cache PDM dependencies
+      uses: actions/cache@v4
+      with:
+        path: ~/.cache/pdm
+        key: ${{ runner.os }}-pdm-${{ hashFiles('backend/pdm.lock') }}
+        restore-keys: |
+          ${{ runner.os }}-pdm-
+
+    - name: Install dependencies
+      working-directory: ./backend
+      run: |
+        pdm sync --group test --group lint --group dev
+
+    - name: Set up environment variables
+      working-directory: ./backend
+      run: |
+        echo "POSTGRES_DATABASE_URL=postgresql://testuser:testpassword@localhost:5432/llsc_test" >> .env
+        echo "SECRET_KEY=test-secret-key-for-ci" >> .env
+        echo "ENVIRONMENT=test" >> .env
+
+    - name: Run database migrations
+      working-directory: ./backend
+      run: |
+        pdm run alembic upgrade head
+
+    - name: Run linting
+      working-directory: ./backend
+      run: |
+        pdm run ruff check .
+        pdm run ruff format --check .
+
+    # TODO: Re-enable mypy when type annotations are improved
+    # - name: Run type checking
+    #   working-directory: ./backend
+    #   run: |
+    #     pdm run mypy app/ --ignore-missing-imports
+
+    - name: Run unit tests
+      working-directory: ./backend
+      run: |
+        pdm run python -m pytest tests/unit/ -v --cov=app --cov-report=xml --cov-report=term-missing
+
+    - name: Run integration tests
+      working-directory: ./backend
+      run: |
+        pdm run python -m pytest tests/functional/ -v
+
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v4
+      with:
+        file: ./backend/coverage.xml
+        directory: ./backend
+        flags: backend
+        name: backend-coverage
+
+    - name: Run security scan
+      working-directory: ./backend
+      run: |
+        pdm run bandit -r app/ -f json -o security-report.json || true
+
+    - name: Upload security report
+      uses: actions/upload-artifact@v4
+      if: always()
+      with:
+        name: security-report
+        path: backend/security-report.json
+
+  e2e-tests:
+    runs-on: ubuntu-latest
+    needs: test
+
+    services:
+      postgres:
+        image: postgres:15
+        env:
+          POSTGRES_PASSWORD: testpassword
+          POSTGRES_USER: testuser
+          POSTGRES_DB: llsc_test
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python 3.12
+      uses: actions/setup-python@v5
+      with:
+        python-version: 3.12
+
+    - name: Install PDM
+      run: |
+        pip install pdm
+
+    - name: Install dependencies
+      working-directory: ./backend
+      run: |
+        pdm sync --group test --group lint --group dev
+
+    - name: Set up environment variables
+      working-directory: ./backend
+      run: |
+        echo "POSTGRES_DATABASE_URL=postgresql://testuser:testpassword@localhost:5432/llsc_test" >> .env
+        echo "SECRET_KEY=test-secret-key-for-ci" >> .env
+        echo "ENVIRONMENT=test" >> .env
+        echo "TEST_SCRIPT_BACKEND_URL=http://localhost:8000" >> .env
+        echo "[email protected]" >> .env
+        echo "TEST_SCRIPT_PASSWORD=testpassword" >> .env
+
+    - name: Run database migrations
+      working-directory: ./backend
+      run: |
+        pdm run alembic upgrade head
+
+    - name: Start backend server
+      working-directory: ./backend
+      run: |
+        pdm run uvicorn app.server:app --host 0.0.0.0 --port 8000 &
+        sleep 10  # Wait for server to start
+
+    - name: Run E2E tests
+      working-directory: ./
+      run: |
+        pdm run python -m pytest e2e-tests/ -v --tb=short
+
+  docker-build:
+    runs-on: ubuntu-latest
+    needs: test
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Build Docker image
+      working-directory: ./backend
+      run: |
+        docker build -t llsc-backend:latest .
+
+    - name: Test Docker image
+      run: |
+        docker run --rm llsc-backend:latest python --version
+
+  notify:
+    runs-on: ubuntu-latest
+    needs: [test, e2e-tests]
+    if: always()
+
+    steps:
+    - name: Notify on success
+      if: needs.test.result == 'success' && needs.e2e-tests.result == 'success'
+      run: |
+        echo "✅ All tests passed! Backend is ready for deployment."
+
+    - name: Notify on failure
+      if: needs.test.result == 'failure' || needs.e2e-tests.result == 'failure'
+      run: |
+        echo "❌ Tests failed! Please check the logs."
+        exit 1 

backend/FORMS_SCHEMA_README.md

@@ -0,0 +1,138 @@
+# Forms Schema Documentation
+
+This document describes the database schema for the forms system that was implemented.
+
+## Tables Created
+
+### 1. Core User Data
+
+#### `user_data`
+Stores single-valued user fields:
+- `id` - UUID primary key
+- `date_of_birth` - Date field
+- `email` - String field
+- `phone` - String field
+
+### 2. Multi-valued Reference Tables
+
+#### `treatments`
+Stores available treatment options:
+- `id` - Integer primary key
+- `name` - Unique treatment name
+
+Pre-populated with:
+- Chemotherapy, Immunotherapy, Radiation Therapy, Surgery, Targeted Therapy, Hormone Therapy, Stem Cell Transplant, CAR-T Cell Therapy, Clinical Trial, Palliative Care
+
+#### `experiences`
+Stores cancer-related experiences:
+- `id` - Integer primary key  
+- `name` - Unique experience name
+
+Pre-populated with:
+- PTSD, Relapse, Anxiety, Depression, Fatigue, Neuropathy, Hair Loss, Nausea, Loss of Appetite, Sleep Problems, Cognitive Changes, Financial Stress, Relationship Changes, Body Image Issues, Survivorship Concerns
+
+#### `qualities`
+Stores ranking/matching qualities:
+- `id` - Integer primary key
+- `slug` - Unique identifier (e.g., 'same_age')
+- `label` - Human-readable description
+
+Pre-populated with matching criteria like same age, diagnosis, treatment, location, etc.
+
+### 3. Bridge Tables (Many-to-Many)
+
+#### `user_treatments`
+Links users to their treatments
+
+#### `user_experiences` 
+Links users to their experiences
+
+### 4. Ranking System
+
+#### `ranking_preferences`
+Stores user ranking preferences:
+- `user_id` - Reference to users table
+- `quality_id` - Reference to qualities table
+- `rank` - Integer ranking (1 = most important)
+
+### 5. Form System
+
+#### `forms`
+Form definitions and versioning:
+- `id` - UUID primary key
+- `name` - Form name
+- `version` - Version number
+- `type` - Enum (intake, ranking, secondary, become_volunteer, become_participant)
+
+#### `form_submissions`
+Raw form submission data:
+- `id` - UUID primary key
+- `form_id` - Reference to forms table
+- `user_id` - Reference to users table  
+- `submitted_at` - Timestamp
+- `answers` - JSONB field with raw form data
+
+## Usage Examples
+
+### Accessing Multi-valued Fields
+Thanks to SQLAlchemy relationships, you can access multi-valued fields as lists:
+
+```python
+from app.models import UserData
+
+# Get a user
+user = session.query(UserData).first()
+
+# Access treatments as a list
+user_treatments = user.treatments  # Returns list of Treatment objects
+treatment_names = [t.name for t in user.treatments]
+
+# Access experiences as a list  
+user_experiences = user.experiences  # Returns list of Experience objects
+```
+
+### Creating Form Submissions
+```python
+from app.models import FormSubmission
+import json
+
+submission = FormSubmission(
+    form_id=form_uuid,
+    user_id=user_uuid,
+    answers={
+        "date_of_birth": "1990-01-01",
+        "treatments": ["Chemotherapy", "Radiation Therapy"],
+        "experiences": ["Anxiety", "Fatigue"],
+        # ... other form fields
+    }
+)
+session.add(submission)
+session.commit()
+```
+
+### Setting Ranking Preferences
+```python
+from app.models import RankingPreference
+
+# User ranks "same_diagnosis" as most important (rank 1)
+pref = RankingPreference(
+    user_id=user_uuid,
+    quality_id=2,  # same_diagnosis quality
+    rank=1
+)
+session.add(pref)
+session.commit()
+```
+
+## Form Processing Workflow
+
+1. **Form Submission**: Raw data stored in `form_submissions.answers` as JSON
+2. **Data Parsing**: Custom parser extracts structured data from JSON
+3. **Database Population**: Parsed data populates `user_data` and relationship tables
+4. **Versioning**: Multiple submissions create new form versions while preserving history
+
+This design allows for:
+- Flexible form structures without schema changes
+- Historical tracking of all submissions
+- Structured querying of user data for matching algorithms
+- Easy addition of new treatment/experience/quality options 

backend/app/interfaces/auth_service.py

@@ -129,3 +129,10 @@ def is_authorized_by_email(self, access_token, requested_email):
         :rtype: bool
         """
         pass
+
+    @abstractmethod
+    def verify_email(self, email):
+        """
+        Verify the email address of the user with the given email
+        """
+        pass

backend/app/middleware/auth_middleware.py

@@ -17,7 +17,14 @@ def __init__(self, app: ASGIApp, public_paths: List[str] = None):
         self.logger = logging.getLogger(LOGGER_NAME("auth_middleware"))
 
     def is_public_path(self, path: str) -> bool:
-        return path in self.public_paths
+        for public_path in self.public_paths:
+            # Handle parameterized routes by checking if path starts with the pattern
+            if public_path.endswith("{email}") and path.startswith(public_path.replace("{email}", "")):
+                return True
+            # Exact match for non-parameterized routes
+            if path == public_path:
+                return True
+        return False
 
     async def dispatch(self, request: Request, call_next):
         if self.is_public_path(request.url.path):

backend/app/models/Experience.py

@@ -0,0 +1,13 @@
+from sqlalchemy import Column, Integer, String
+from sqlalchemy.orm import relationship
+
+from .Base import Base
+
+
+class Experience(Base):
+    __tablename__ = "experiences"
+    id = Column(Integer, primary_key=True)
+    name = Column(String, unique=True, nullable=False)  # 'PTSD', 'Relapse', etc.
+
+    # Back reference for many-to-many relationship
+    users = relationship("UserData", secondary="user_experiences", back_populates="experiences")