Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v1.9.0April 12, 2026

Mandatory two-factor authentication (TOTP), biometric device management improvements, security hardening, and updated app icons.

Features

Mandatory TOTP two-factor authentication — all users must set up an authenticator app (Google Authenticator, Microsoft Authenticator, or any TOTP app)
QR code setup flow in My Profile — scan QR code, verify with 6-digit code, receive 10 one-time backup codes
Two-phase login — password verification issues a short-lived pending token (5 min), then TOTP code exchanges it for the real session token
Backup code support — 10 single-use recovery codes (bcrypt-hashed) for when the authenticator app is unavailable
Admin biometric device visibility — admins and superadmins can view all registered biometric devices per user in the detail modal (double-click any user row)
Admin biometric device removal — admins can delete a user’s biometric device with an irreversible-action warning
Superadmin TOTP reset — superadmins can disable a user’s 2FA in emergencies (lost phone + lost backup codes)

Improvements

Auto-detected device names for biometric registration — devices now show as “Chrome · Windows”, “Safari · iPhone”, etc. instead of “My Device”
Biometric login data preserved across logout — fingerprint button stays visible after logging out
Wider name column in Doctor Management and Admin Management tables — matches patient dashboard layout
Updated app icons with dark background fill (#1A2332) — all PWA icons, favicon, and Apple touch icon regenerated
Maskable icons scaled edge-to-edge for cleaner display on mobile home screens
New “Two-Factor Auth” tab in My Profile with required badge when not yet set up
Trilingual translations for all TOTP UI (English, Traditional Chinese, Spanish)

Security

Pending 2FA tokens cannot access any API endpoint — rejected by the authentication guard with a dedicated “purpose” claim
TOTP rate limiting — 5 failed 2FA attempts locks out the verification, requiring a fresh login
CORS tightened — removed unused PATCH method and unnecessary headers from allowed list
CSP “unsafe-inline” removed from script-src — moved inline service worker registration to external file
Aligned security headers between Vercel and Cloudflare Pages deployments
Biometric login skips TOTP (already a second factor) but still enforces one-time TOTP setup
All TOTP setup, disable, and admin-reset actions logged in audit trail

Fixes

Fixed localStorage.clear() on logout wiping webauthn_email and webauthn_role — fingerprint login button now persists after logout
Fixed biometric registration error showing generic message instead of actual backend error detail

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v1.8.0April 10, 2026

Progressive Web App (PWA) support and biometric authentication (fingerprint / Face ID login).

Features

Progressive Web App (PWA) — ProjectMed can now be installed as an app on phones, tablets, and desktops directly from the browser
WebAuthn biometric login — users can register fingerprint or Face ID on their device for passwordless login
Biometric credential management in My Profile — register and remove devices, view registered credentials
PWA service worker with network-first caching strategy for faster page loads
App manifest with all icon sizes (72px to 512px) including maskable icons for Android
Apple-specific meta tags for iOS home screen installation

Improvements

“Log in with Fingerprint” button on login page with gradient styling
New “Biometric Login” tab in My Profile page for all roles
WebAuthn origin validation supports multiple domains (www and non-www)
Trilingual translations for all biometric UI (English, Traditional Chinese, Spanish)

Security

WebAuthn credentials stored server-side with sign count verification to detect cloned authenticators
Biometric login respects existing account locks and force-reset requirements
API calls are never cached by service worker — medical data always fetched fresh

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v1.7.0April 9, 2026

Security hardening, Traditional Chinese PDF font upgrade, ICD-10 multilingual display, Spanish ICD-10 data expansion, and mobile session security.

Security

Add SecurityHeadersMiddleware (HSTS, X-Frame-Options, COOP, CORP, CSP, and 7 more headers) for A+ security rating
Restrict CORS: explicit methods/headers instead of wildcards; localhost origins excluded in production
Enforce PDF_OWNER_PASSWORD environment variable — remove hardcoded fallback
Align Cross-Origin-Resource-Policy to same-origin (was cross-origin, conflicting with COOP)
Fix mobile idle session timeout: phone sleep no longer bypasses 15-minute inactivity logout

Features

ICD-10 descriptions now follow the website language — code is the fixed anchor, description translates automatically when language is switched
Spanish ICD-10 translations expanded from 4% to 96% coverage (1,531 → 35,001 of 36,119 codes) using WHO/PAHO CIE-10 data
ICD-10 codes rendered in monospace font to clearly distinguish letters from numbers (O vs 0, I vs 1)
Shared ICD-10 lookup utility for both website display and PDF export

Improvements

Switch PDF Chinese font from STSong-Light (Simplified) to Noto Sans TC (Traditional Chinese) with bold weight support
PDF export looks up ICD-10 descriptions in the export language instead of using stored text
Service monitor widget slimmed down (half size), refresh button removed (auto-refreshes every 60s)
Service monitor icon added to window and Windows taskbar

Fixes

Fix garbled/unreadable Chinese ICD-10 text in English PDF exports
Fix visibilitychange detection for mobile browsers — timers no longer freeze when phone sleeps

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v1.6.0April 8, 2026

Permissions overhaul, multilingual PDF export, expanded ICD-10 database, group management, and transfer requests.

Features

Multilingual PDF export with language picker (English, Traditional Chinese, Spanish)
Expanded ICD-10 database to 36,119 codes using official Taiwan NHI data
ICD-10 trilingual search: match codes in English, Chinese, or Spanish regardless of UI language
Doctor group transfer requests workflow
Admin group cascade with warning checkbox confirmation
Admin registration with group selection
System Dashboard navigation link for superadmin
Roles and Permissions wiki page
Country and state/province fields with header tags

Improvements

Restrict patient records to view-only for admins and superadmins (doctors only can edit)
Widen ICD-10 input and dropdown for better visibility
Show all filled visit fields in history (impression, plan, referrals, follow-up)
Logo navigates to Dashboard; export flow includes language picker
Update all wiki pages with doctor-only permissions and new feature documentation (3 languages)

Fixes

Fix PDF crash caused by incorrect style key (st['body'] changed to st['normal'])
Fix ICD-10 display and export rendering issues
Fix diagnoses lost when assessment fields are empty
Move /transfer-requests route before /{doctor_id} catch-all to prevent routing conflict

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v1.5.0April 7, 2026

Doctor-requested features, comprehensive PDF export, wiki updates, and polish across the board.

Features

Live patient age display (auto-updating timer isolated in its own component)
Doctor signature field on visit records
Collapsible visit history sections
Hide empty fields in visit history -- only show sections with data
Strip empty fields from visit data before storage

Improvements

Complete PDF export overhaul: allergies table, patient images, all specialty fields, subjective notes, evolution notes, and doctor signature
Update all wiki pages with new feature documentation
Simplify testing guide: 3 languages, friendly cards, 3-step quick start
Add ICD-10 autocomplete improvements and seed data for testing
Add railway.json config and update .gitignore for cleaner repository

Fixes

Fix live age bug by isolating timer in its own component
Fix PDF export missing subjective, evolution, and specialty fields

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v1.4.0April 6, 2026

All 12 specialty templates completed, ICD-10 and FHIR R4 standards integration, unified export workflow, and audit log overhaul.

Features

All 12 specialty visit templates completed (10 specialties + 2 sub-specialties): Sports Medicine, Orthopedics, Cardiology, Dermatology, Ophthalmology, ENT, Neurology, Psychiatry/Psychology, OB/GYN, Internal Medicine, and more
ICD-10 autocomplete for diagnosis coding
FHIR R4 compliant data export
Email patient record directly to doctor
Unified export workflow: Export, PIN verification, Format selection, Delivery method
Owner-only system dashboard with service monitoring
Auto-save visit form drafts to localStorage
Evolution / Handover Notes field in general visit form

Improvements

Complete audit log overhaul with filters, compliance features, and performance improvements
OB/GYN and Internal Medicine templates added to complete the 4 clinical pillars

Fixes

Fix multi-specialty visit type selection -- users must choose specialty before filling form

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v1.3.0April 5, 2026

Multi-specialty infrastructure, security hardening for Mozilla Observatory A+ rating, and Cloudflare Pages backup deployment.

Features

Phase 1: Multi-specialty infrastructure with visit type routing
Phase 2: Psychology/Mental Health visit template
Doctor detail modal on double-click (Dashboard + Doctor Management)
Admin detail modal on double-click (Admin Management + Dashboard)
Data export and backup functionality
Backup domain medicalteam.cc with Cloudflare Pages SPA redirect
Author credits: David Chen and Claude AI

Security

All security headers configured for Mozilla Observatory A+ rating
Remove unsafe-inline and unsafe-eval from Content Security Policy script-src
Auto-verify destination emails and add Cloudflare routing for admins
Add Cloudflare verification notice to all emails with official email
Add _headers file for Cloudflare Pages with same security headers as Vercel

Improvements

Landing page hero text translates with selected language
Remove employee-style doctor statuses
Specialty editing in doctor profile
Backup and Disaster Recovery sections added to both wikis
Wiki pages updated from Coming Soon to actual specialty documentation

Fixes

Fix inactivity countdown timer and make modal trilingual
Fix CSP configuration to remove unsafe directives

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v1.2.0April 4, 2026

Secured bootstrap flow, trilingual email system, pending approvals dashboard, and major email and authentication improvements.

Features

Secured first-time superadmin bootstrap flow
All emails made trilingual: English, Traditional Chinese, Spanish
Branded emails with logo header, consistent styling, and footer
Separate welcome emails for Superadmin and Admin roles
Pending Approvals tab on dashboard for admins and superadmins
Warning when approving someone from a different group
Notification sent when official email is assigned or changed

Security

Bootstrap flow with BOOTSTRAP_SECRET for first-time setup
Login page redesign with session improvements
OTP expiry extended from 5 minutes to 15 minutes

Improvements

Rename Clinic Email to Official Email with clear explanation
Rename Email to Login Email in credential emails (trilingual)
Remove group-based patient filtering -- all staff see all patients

Fixes

Fix pre-consultation form step bar for mobile layout and logo link
Fix Vercel build: explicit npm build command and output directory
Fix admin email, domain_email, and password copy issues

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v1.1.0April 3, 2026

Core clinical features including patient intake forms, medical imaging, bulk operations, and email-based login generation.

Features

Email-based login generation and email improvements
Patient record overhaul with improved data model
Pre-consultation intake form for patients
Bulk patient deletion
Form error highlighting for required fields
Medical Imaging tab in patient records (later moved into Visits tab after physical examination)
Patient seed script for test data generation

Fixes

Fix PDF export blood pressure format

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v1.0.0April 2, 2026

Initial release of ProjectMed Web -- the foundation for the entire platform.

Features

ProjectMed Web v2 initial release
Responsive design with Precision Navy theme
Admin self-registration with superadmin approval flow
PIN login for admin accounts
Consent modal with UI polish

Improvements

Remove sports-specific language for broader medical team use

Foundation release: This version established the core architecture -- FastAPI backend, React frontend with Ant Design, Supabase database, JWT authentication, and the role-based permission system that all subsequent versions build upon.

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

Desktop to Web Migration

Platform Migration: After a 14-month development pause (January 2025 to March 2026), ProjectMed was revisited with a transformative vision: sharing the system across multiple sports medicine clubs in Costa Rica's Taiwanese community. Doctors needed to access patient records from any device and location -- not just one computer. The single-machine PyQt6 desktop app couldn't support this. On April 2, 2026, the web migration began: FastAPI replaced the Python backend, React with Ant Design replaced PyQt6, Supabase (PostgreSQL) replaced Google Drive, and Resend replaced Gmail for emails. Every feature from the desktop era was rebuilt from scratch, while adding trilingual support (English, Traditional Chinese, Spanish), 12 medical specialties, ICD-10 integration with 36,000+ codes, FHIR R4 compliance, and a modern role-based permission system.

10 Desktop Decisions That Shaped the Web

Doctor self-registration with admin approval
PDF export with read-only protection and watermark
PIN as fast login alternative to passwords
Forced password change after admin reset
Login rate limiting (5 attempts before lockout)
Multi-group/multi-clinic architecture (from cross-club vision)
Doctor status management with lifecycle tags
Audit logging of all data access
OTP verification for sensitive operations
Admin hierarchy with protected first admin (evolved into superadmin)

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v0.4.0March 29, 2025

After a 14-month gap (January 2025 to March 2026), David returned to assess the project's completion status. In this pivotal conversation, the cross-club sharing vision was articulated: 'I want to share this app with brothers/sisters clubs, so any club with this program can read the info.' This vision -- multiple clinics sharing a common system -- made the desktop app's single-machine architecture impractical. Doctor status tags (suspended, under investigation, deceased) were added, the hardcoded admin login was discovered and flagged, and a handoff prompt was requested to begin the web migration. This was the last desktop version.

Features

Session timeout (3-minute auto-logout)
Doctor PIN + password dual authentication
Password-protected PDF generation
Backup to secondary Google Drive account
Allergy severity classification (None, Mild, Moderate, Severe, Anaphylactic)
Patient status banners (active, inactive, restricted, under_evaluation, cleared, deceased, transferred)
Bulk doctor import from CSV/JSON
First-admin setup wizard
Final desktop version before web migration

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v0.3.0March 9-29, 2025

Full production version -- the most complete desktop build at 4,537 lines, with comprehensive doctor management and final polish.

On January 19, a troubleshooting session for login errors led to a key UX decision: PIN-based login for doctors. Typing a 6-digit PIN was much faster than a full password for daily use. This session also introduced forced password changes when an admin creates or resets a doctor's account, and resolved confusion between doctor and admin login paths. The codebase reached 4,537 lines -- the most complete desktop version.

Features

Full production version -- most complete desktop build (4,537 lines)
12 core classes: AdminAuth, AdminManager, OTPManager, LoginDialog, DoctorRegistrationForm, DoctorProfileDialog, AdminPanel, DoctorManager, PatientForm, PDFGenerator, MedicalRecordApp
Comprehensive doctor statuses (active, on_vacation, on_leave, pending, suspended, retired, deceased)
Final bug fixes and polish

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v0.2.0January 19, 2025

Enhanced UI with multi-admin system, TOTP two-factor authentication, and doctor approval workflow. Grew from 3,209 to 4,486 lines.

Two conversations in quick succession (January 15 and 17) shaped the administrative backbone. The first session fixed a critical data issue -- doctor and patient records were mixed together in Google Drive. The second introduced enterprise-grade security: admin two-factor authentication via Google Authenticator (TOTP) with QR code setup, multi-admin support with a protected 'first admin' role that couldn't be deleted, and emergency admin override procedures.

Features

Multi-admin system with TOTP 2FA + QR code generation
Admin panel with doctor/admin management tabs
Doctor profile dialog for viewing/editing
Enhanced UI with stacked widgets for multi-page dialogs
Form validation with regex patterns (email, phone, license ID)
Doctor approval workflow
Improved error handling with traceback logging
Grew from 3,209 to 4,486 lines

Version History

A complete log of every feature, fix, and improvement shipped in ProjectMed.

v0.1.0January 16, 2025

The first version of ProjectMed -- a PyQt6 desktop application with Google Drive storage and Gmail-based OTP verification.

ProjectMed began on January 13, 2025, when David Chen brought an existing Python script to Claude for help with a single bug -- visit data wasn't appending correctly. That debugging session evolved into the project's foundation: over 112 messages, the core architecture took shape. PDF export with watermark and read-only protection was designed, doctor self-registration with admin approval was built, password hashing and login rate limiting were added, and OTP verification via Gmail was integrated. What started as a bug fix became a medical records system.

Tech stack: PyQt6 + ReportLab + Google Drive + Gmail API

Features

PyQt6 desktop application -- first version of ProjectMed
Single admin with hardcoded credentials
Doctor registration and password management
Patient records with vitals (BP, HR, weight, height, temperature)
PDF export with ReportLab, custom fonts (Amazon Ember), logo watermark
OTP verification via Gmail API
Google Drive storage for all records
Access logging
1,352 lines of Python

Key Decisions

PDF export with watermark logo and read-only permissions
Doctor self-registration requiring admin approval
bcrypt password hashing for all credentials
Login rate limiting to prevent brute force
OTP verification for sensitive operations