- HeliumX is the largest healthcare digital platform in the country. This project implements the backend for an Admin Dashboard designed to automate the day-to-day management of the platform with strict role-based access control (RBAC) using Django REST Framework.
- User Management with role-based permissions
- Newsletter System for community engagement
- Subscription System for premium members
- Session Booking for doctor-patient interactions
- Support Ticket Management
- Admin Role Management (Create, Update, Delete Admins & Assign Roles)
- DRF-based API with secure authentication and authorization
- Admin interface via Django admin panel
| Role | Permissions |
|---|---|
| Community Manager | Send daily newsletters; view & modify user details |
| Accountant | View & modify subscription details |
| IT Support | Book sessions manually; confirm bookings; resolve support tickets |
| CEO | Full control over users and admins; assign roles; add/edit/delete users and admins |
- Unauthorized actions by any role (e.g., IT Support trying to delete users) return a 403 Forbidden response.
- Python 3.11+
- Django 4.x
- Django REST Framework
- PostgreSQL (or any preferred database)
- Token Authentication (DRF TokenAuth)
- Django Admin for superuser control
- Clone the Repository
  - git clone https://github.com/yourusername/heliumx-admin.git
  - cd heliumx-admin
- Create and Activate Virtual Environment
  - python -m venv venv
  - source venv/bin/activate # On Windows: venv\Scripts\activate
- Install Dependencies
  - pip install -r requirements.txt
- Configure .env
  - Use the .env.example file as a guide
- Run Migrations
  - python manage.py makemigrations
  - python manage.py migrate
- Create Superuser
  - python manage.py createsuperuser
- Run the Server
  - python manage.py runserver
- All endpoints (except registration and login) are secured using Token Authentication.
- Obtain token: POST /api/v1/login
- Use token: Include in header Authorization: Token <your_token>
.
├── heliumx
│ ├── __init__.py
│ ├── __pycache__
│ ├── asgi.py
│ ├── settings.py
│ ├── urls.py
│ └── wsgi.py
├── manage.py
├── Procfile
├── README.md
├── requirements.txt
├── runtime.txt
├── staticfiles
├── users
│ ├── __init__.py
│ ├── __pycache__
│ ├── admin.py
│ ├── apps.py
│ ├── migrations
│ ├── models.py
│ ├── permissions.py
│ ├── serializers.py
│ ├── tests.py
│ ├── urls.py
│ ├── utils.py
│ └── views.py
└── ven
    ├── bin
    ├── include
    ├── lib
    └── pyvenv.cfg
- 403 Forbidden – Attempt to access a restricted resource
- 400 Bad Request – Validation or malformed input
- 401 Unauthorized – No valid auth token provided
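
The role table and the 401/403 responses above, sketched as a deny-by-default permission check with a full role-by-action matrix that can be reviewed or pinned in a regression test. This is an added example, not the project's `users/permissions.py`; the role slugs, action names, the `role` user attribute and the `required_action` view attribute are assumptions, and the class only mirrors the method shape of DRF's `BasePermission.has_permission(request, view)` so it runs without Django installed.

```python
# Added example: deny-by-default role matrix built from the README's table.
# Not the project's users/permissions.py; role slugs, action names, the
# `role` user attribute and `required_action` view attribute are assumptions.
from types import SimpleNamespace

ROLE_ACTIONS = {
    "community_manager": {"newsletter.send", "user.view", "user.modify"},
    "accountant": {"subscription.view", "subscription.modify"},
    "it_support": {"session.book", "booking.confirm", "ticket.resolve"},
    "ceo": {"user.view", "user.add", "user.modify", "user.delete",
            "admin.view", "admin.add", "admin.modify", "admin.delete",
            "role.assign"},
}
ALL_ACTIONS = sorted(set().union(*ROLE_ACTIONS.values()))


class RoleActionPermission:
    """Same method shape as DRF's BasePermission.has_permission(request, view)."""
    def has_permission(self, request, view):
        user = getattr(request, "user", None)
        if user is None or not getattr(user, "is_authenticated", False):
            return False
        action = getattr(view, "required_action", None)
        if action is None:  # view declared no action: deny rather than allow
            return False
        # Unknown or missing role maps to the empty set, so it is denied too.
        return action in ROLE_ACTIONS.get(getattr(user, "role", None), set())


def status_for(user, action):
    """401 without an authenticated user, 403 when the role lacks the action."""
    if user is None or not user.is_authenticated:
        return 401
    request = SimpleNamespace(user=user)
    view = SimpleNamespace(required_action=action)
    return 200 if RoleActionPermission().has_permission(request, view) else 403


def access_matrix():
    """Status for every role x action pair, for review or a regression test."""
    matrix = {}
    for role in ROLE_ACTIONS:
        user = SimpleNamespace(is_authenticated=True, role=role)
        for action in ALL_ACTIONS:
            matrix[(role, action)] = status_for(user, action)
    return matrix
```

Counting the 200 entries in `access_matrix()` and asserting that number in the test suite makes any later widening of a role show up as a failing test instead of a silent grant.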
- JWT-based authentication
- Full email system integration
- Logging & audit trails
- Admin analytics dashboard