diff --git a/accounts/es_client.py b/accounts/es_client.py
index 930cca7..50f7c6f 100644
--- a/accounts/es_client.py
+++ b/accounts/es_client.py
@@ -5,30 +5,25 @@ from .crypto import salt_for_username, derive_password
 def get_user_by_username(username: str):
 """
- 从Elasticsearch获取用户数据
+ 从Elasticsearch获取用户数据;若不存在则回退到内置admin。
+ 期望ES中存储的是明文密码,登录时按用户名盐派生后对nonce做HMAC验证。
 """
- # 首先尝试从ES获取用户数据
- # es_user = es_get_user_by_username(username)
- # if es_user:
- # salt = salt_for_username(username)
- # derived = derive_password(es_user.get('password', ''), salt)
- # # 如果ES中有用户数据,使用ES中的密码
- # return {
- # 'user_id': es_user.get('user_id', 0),
- # 'username': es_user.get('username', ''),
- # 'password': base64.b64encode(derived).decode('ascii'),
- # 'permission': es_user.get('permission', 1),
- # }
+ es_user = es_get_user_by_username(username)
+ if es_user:
+ salt = salt_for_username(username)
+ derived = derive_password(es_user.get('password', ''), salt)
+ return {
+ 'user_id': es_user.get('user_id', 0),
+ 'username': es_user.get('username', ''),
+ 'password': base64.b64encode(derived).decode('ascii'),
+ 'permission': es_user.get('permission', 1),
+ }
+
 salt = salt_for_username('admin')
 derived = derive_password('admin', salt)
-
 return {
 'user_id': 0,
 'username': 'admin',
 'password': base64.b64encode(derived).decode('ascii'),
 'permission': 0,
- }
-
-
-
- return None
\ No newline at end of file
+ }
\ No newline at end of file
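Review bot: The fallback after the `if es_user:` block returns the built-in `admin` record, derived from the literal password `'admin'`, for every username that Elasticsearch does not return, so a lookup miss (and possibly an ES outage, depending on how `es_get_user_by_username` reports errors) is answered with a fixed, guessable credential. Unknown users should get `if not es_user: return None`, with callers treating `None` as a failed login, and a bootstrap admin, if one is needed, should take its secret from configuration rather than a literal. The new docstring also states that ES holds plaintext passwords; storing the output of `derive_password` (or a dedicated password hash) in the index would keep a read of that index from disclosing every credential. On a smaller scale, `es_user.get('password', '')` lets a document with no `password` field produce a record derived from the empty string, so such a document should be rejected rather than defaulted.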