6ba57df6ae
Reference data simplification (choke point pattern): - Remove RefSave/RefDelete from lib (import-time only, not runtime) - Remove LabTestSave*, LabRefSave* from lib/lab_reference.go - Remove PopulateReferences (LLM-based ref generation) - Keep only RefQuery() for runtime reads - Import tools handle their own SQL inserts Rate limiting removed: - Delete new_signups table and all rate limit code - Solved via different approach (not in codebase) Database consolidation (on staging): - Moved genotypes table (30K SNPs) to reference.db - Deleted empty DBs: portal.db, rate_limit.db, snpedia.db, ratelimit.db Net -293 lines. Runtime code now only reads reference data via RefQuery(). Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> |
||
|---|---|---|
| .claude | ||
| Jonathan/1.3.12.2.1107.5.2.18.41605.30000026020412200633600001217 | ||
| api | ||
| app | ||
| claude-edit | ||
| cmd | ||
| design | ||
| doc-processor | ||
| docs | ||
| find_dossiers | ||
| fonts | ||
| import-dicom | ||
| import-genome | ||
| lib | ||
| mcp-bridge-node | ||
| mcp-client | ||
| mcpb | ||
| migrate | ||
| migrations | ||
| portal | ||
| scrape_mychart | ||
| scripts | ||
| test | ||
| test-prompts | ||
| tools | ||
| viewer | ||
| web | ||
| ._.DS_Store | ||
| ._inou.db | ||
| ._start.sh | ||
| ._status.sh | ||
| ._stop.sh | ||
| .gitignore | ||
| .mcp.json | ||
| CLAUDE.md | ||
| Makefile | ||
| PROMPT-FUNCTION-BRIEF.md | ||
| README.md | ||
| TODO.md | ||
| Z_AI_CLAUDE_CODE.md | ||
| aitmpl-submission.json | ||
| anthropic.env | ||
| backup.sh | ||
| build-mac.sh | ||
| caliper_reference_intervals.json | ||
| caliper_with_loinc.json | ||
| convert_linux | ||
| demo-genome.txt | ||
| deploy.sh | ||
| doc-processor-bin | ||
| go.mod | ||
| go.sum | ||
| import_all.sh | ||
| inou.db | ||
| inou.mcpb | ||
| journal.md | ||
| main.go | ||
| restart.sh | ||
| smtp.env | ||
| start.sh | ||
| status.sh | ||
| stop.sh | ||
| test-api.sh | ||
| test-prompt.sh | ||
README.md
Inou - Medical Imaging Second Opinion Platform
Vision
Patient-facing medical data platform with AI-powered second opinions. Upload your scans, connect to AI, get peace of mind.
Target user: Non-technical parent/spouse/caregiver who knows nothing about medical imaging but wants answers.
Brand: inou.com ("eye-now" - vision/seeing + immediate second opinion)
Scope: Human + veterinary imaging. Not just imaging - labs, vitals, supplements, genome, photos, observations.
Quick Reference
| Service | URL |
|---|---|
| Portal | https://inou.com |
| Viewer | https://inou.com:8767 |
| API | https://inou.com/api/* |
| Machine | IP | Role |
|---|---|---|
| Ubuntu Server | 192.168.1.253 | Source, Linux builds, Production |
| Mac | local | macOS bridge builds |
| Windows | 192.168.1.9 | Windows bridge builds |
Architecture
┌─────────────────────────────────────────────────────────────────┐
│ User │
└───────────────────────────┬─────────────────────────────────────┘
│
┌───────────────────┼───────────────────┐
│ │ │
▼ ▼ ▼
┌───────────────┐ ┌───────────────┐ ┌───────────────┐
│ Portal (443) │ │ Viewer (8767) │ │ Claude Desktop│
│ Web UI, Auth │ │ DICOM viewer │ │ + Bridge │
└───────┬───────┘ └───────┬───────┘ └───────┬───────┘
│ │ │
│ │ │
└───────────────────┼───────────────────┘
│
┌───────▼───────┐
│ REST API │
│ (viewer) │
└───────┬───────┘
│
┌───────▼───────┐
│ SQLite DB │
│ + Objects │
└───────────────┘
Services (2 total):
- Portal (443) - Web UI, authentication, proxies /api/* to viewer
- Viewer (8767) - DICOM viewer, REST API, image serving
Components
| Component | Binary | Purpose |
|---|---|---|
| Portal | inou-portal | Web UI, auth, profile management, proxies API |
| Viewer | inou-viewer | DICOM viewer, REST API, image serving |
| Bridge | inou_bridge_* | Connects Claude Desktop to REST API (per-platform) |
| Lab Scrape | inou-lab-scrape | MyChart lab results scraper |
| Lab Import | inou-lab-import | Lab results importer |
| DICOM Import | import-dicom | DICOM to PNG importer |
Bridge
The bridge connects Claude Desktop (stdio/MCP protocol) to the Inou REST API:
Claude Desktop → inou_bridge (stdio) → HTTPS → inou.com/api/*
Configuration (~/Library/Application Support/Claude/claude_desktop_config.json):
{
"mcpServers": {
"inou": {
"command": "/Users/USERNAME/bin/inou_bridge_darwin_arm64",
"args": ["--server=https://inou.com", "--account=ACCOUNT-GUID"]
}
}
}
The bridge translates MCP tool calls from Claude Desktop into REST API requests. There is no separate MCP server - the viewer's REST API serves all data.
API Tools
Tools available via the bridge (prefixed with inou:):
| Tool | Description |
|---|---|
list_profiles |
Show patient profiles accessible to account |
list_studies |
Show all studies for selected profile |
list_series |
Show series in a study (filter by T1, T2, AX, etc.) |
list_slices |
Show slices with position info |
fetch_image |
Get image as base64 with metadata |
list_lab_tests |
List available lab test names |
get_lab_results |
Get lab results with date range/latest filters |
get_version |
Check bridge/server versions |
Database Schema
-- Core tables
patients (id, guid, name, dob, sex, created_at)
studies (id, patient_id, study_date, study_desc, folder_path)
series (id, study_id, series_number, series_desc, modality, orientation_type)
slices (id, series_id, instance_number, slice_location, orientation_type,
tr, te, png_path, rows, cols, pixel_spacing_row, pixel_spacing_col,
image_position_x/y/z, image_orientation)
-- Auth tables
accounts (id GUID, email, email_hash, name, last_login, created_at)
account_profiles (account_id, profile_id, role, email, created_at)
sessions (token, account_id, profile_id, created_at, expires_at)
auth_codes (email, code, created_at, expires_at)
-- Lab tables
lab_results (id, profile_id, test_name, value, units, ref_range_low,
ref_range_high, collected_at, source)
Build System
All binaries built with FIPS 140-3 cryptographic compliance (requires Go 1.24+).
Build Flow
Source (.253) ──sync──► Mac ──build──► darwin binaries ──deploy──► .253
│ ▲
└────────sync──────► Win (.9) ──build──► win binaries ──deploy────┘
Binaries
| Binary | Platform | Build Location |
|---|---|---|
| inou-portal | Linux | .253 |
| inou-viewer | Linux | .253 |
| import-dicom | Linux | .253 |
| inou-lab-scrape | Linux | .253 |
| inou-lab-import | Linux | .253 |
| inou_bridge_darwin_arm64 | macOS ARM | Mac |
| inou_bridge_darwin_amd64 | macOS Intel | Mac |
| inou_bridge_win_amd64.exe | Windows x64 | .9 |
| inou_bridge_win_arm64.exe | Windows ARM | .9 |
| inou_bridge_win_386.exe | Windows x86 | .9 |
Build Commands
Linux (on .253):
cd ~/dev/inou
make deploy
Mac bridges:
~/dev/inou/build-mac.sh
Windows bridges (from Mac):
sshpass -p 'Helder06' ssh johan@192.168.1.9 "C:\dev\inou\build.bat"
sshpass -p 'Helder06' scp johan@192.168.1.9:'C:/dev/inou/bin/inou_bridge_win_*.exe' /tmp/
scp /tmp/inou_bridge_win_*.exe johan@192.168.1.253:/tank/inou/bin/
Verify FIPS:
ssh johan@192.168.1.253 "/tank/inou/status.sh"
Service Management
ssh johan@192.168.1.253
/tank/inou/start.sh # Start all services
/tank/inou/stop.sh # Stop all services
/tank/inou/status.sh # Check status and FIPS compliance
Logs
tail -f /tank/inou/logs/portal.log
tail -f /tank/inou/logs/viewer.log
Directory Structure
Source (.253)
~/dev/inou/
├── portal/ # Web portal + auth
├── viewer/ # DICOM viewer + REST API
├── import_dicom/ # DICOM importer
├── mcp-client/ # Bridge client source
├── scrape_mychart/ # Lab scraper + importer
├── lib/ # Shared crypto library
├── go.mod, go.sum
├── Makefile
├── README.md
├── journal.md
└── build-mac.sh
Production (.253)
/tank/inou/
├── bin/ # All compiled binaries
├── data/inou.db # SQLite database
├── uploads/ # User uploads by GUID
├── objects/ # Converted images (GUID-based paths)
├── logs/ # Service logs
├── lang/ # Translation files
├── templates/ # Portal HTML templates
├── static/ # CSS, assets
├── static/robots.txt # Search engine rules
├── master.key # Encryption key
├── start.sh, stop.sh, status.sh
Security
Encryption
- FIPS 140-3 compliant (Go 1.24+ native module)
- AES-256-GCM encryption at rest
- TLS 1.3 for transport
- Deterministic encryption for searchable fields
Authentication
- Passwordless: email + one-time code (10 min expiry)
- Session cookies with configurable expiry
- Account GUID isolation (no cross-account access)
Data Isolation
- All queries filtered by profile_id derived from session
- SQL injection protection (parameterized queries)
- Access validation on all endpoints
Product Design
Terminology
| Term | Meaning |
|---|---|
| Account | Human with email who logs in |
| Profile | A person whose data is stored (patient) |
| Exam/Study | One imaging session |
| Series | One sequence within an exam (T1, T2, FLAIR) |
User Flow
- Landing page → Create account (email + code)
- Dashboard → Add profile (name, DOB, sex)
- Profile → Upload exam (DICOM zip)
- Connect Claude Desktop → "Analyze my inou"
- AI reviews images, answers questions
Design
- Modern, warm, not clinical
- IBM Plex Sans font
- Desert color palette: warm beige (#F5EDE4), dark brown (#4A3728), terracotta (#C4704B)
Privacy (prominent)
- Images NEVER used to train AI
- Data NEVER shared
- Always encrypted
- You own your data - delete anytime
i18n
Languages: English, Русский, Nederlands, Español, Français, Deutsch
Detection priority: URL param → Cookie → Accept-Language → English
Data Types
Implemented
- Medical imaging (DICOM)
- Lab results
Planned
- Medical records / clinical notes (PDF)
- Medications / prescriptions
- Genetic data (VCF files)
- Vitals (BP, HR, SpO2, weight, glucose)
- Supplements
- Symptoms / pain journal
Roadmap
High Priority
- Position-based cross-series fetch
- find_slice_at_position tool
- Window/level controls (presets for T1, T2, FLAIR, DWI)
- Better error messages (SESSION_EXPIRED)
Medium Priority
- Batch montage fetch
- Measurement tools (distance, area)
- Series grouping/filtering
- Report system (save markdown, PDF export)
Lower Priority
- Expanded anatomical regions
- Report templates
- Persistent findings/annotations
Infrastructure
- Dedicated Inou server (separate from home lab)
- Encrypted ZFS pool for PHI
- Audit logging
Troubleshooting
FIPS Build Fails
- Ensure Go 1.24+ installed
- Use
GOFIPS140=v1.0.0environment variable - FIPS requires native builds (no cross-compilation)
Bridge Connection Issues
- Check Claude Desktop config JSON syntax
- Verify account GUID is correct
- Test API:
curl https://inou.com/api/version
Service Issues
# Check if running
pgrep -a inou
# Check logs
tail -100 /tank/inou/logs/portal.log
# Restart
/tank/inou/stop.sh && /tank/inou/start.sh
Session Log
See journal.md for detailed session history.
Future: Unified Data Model
See docs/DATA_MODEL_V2.md for planned schema migration to single observations table.