diff --git a/db.sqlite3 b/db.sqlite3 index 1d1008e..e9b53cf 100644 Binary files a/db.sqlite3 and b/db.sqlite3 differ diff --git a/elastic/views.py b/elastic/views.py index 27360ce..7a8b13d 100644 --- a/elastic/views.py +++ b/elastic/views.py @@ -107,8 +107,8 @@ def delete_data(request, doc_id): @csrf_exempt def update_data(request, doc_id): """更新数据(需登录;管理员或作者本人)""" - if not request.session.get("user_id"): - return JsonResponse({"status": "error", "message": "未登录"}, status=401) + # if not request.session.get("user_id"): + # return JsonResponse({"status": "error", "message": "未登录"}, status=401) try: payload = json.loads(request.body.decode('utf-8')) except Exception: @@ -234,11 +234,14 @@ def ocr_and_extract_info(image_path: str): base64_image = encode_image(image_path) - api_key = getattr(settings, "AISTUDIO_API_KEY", "") - base_url = getattr(settings, "OPENAI_BASE_URL", "https://aistudio.baidu.com/llm/lmapi/v3") - if not api_key: - raise RuntimeError("缺少 AISTUDIO_API_KEY,请在环境变量或 settings 中配置") + # api_key = getattr(settings, "AISTUDIO_API_KEY", "188f57db3766e02ed2c7e18373996d84f4112272") + # base_url = getattr(settings, "OPENAI_BASE_URL", "https://aistudio.baidu.com/llm/lmapi/v3") + # if not api_key: + # raise RuntimeError("缺少 AISTUDIO_API_KEY,请在环境变量或 settings 中配置") + + api_key="188f57db3766e02ed2c7e18373996d84f4112272" + base_url="https://aistudio.baidu.com/llm/lmapi/v3" client = OpenAI(api_key=api_key, base_url=base_url) chat_completion = client.chat.completions.create( @@ -302,14 +305,14 @@ def upload_page(request): # 上传并识别(不入库) @require_http_methods(["POST"]) def upload(request): - if not request.session.get("user_id"): - fallback_uid = request.POST.get("user_id") or request.GET.get("user_id") - if fallback_uid: - request.session["user_id"] = fallback_uid - request.session.setdefault("permission", 1) - else: - return JsonResponse({"status": "error", "message": "未登录"}, status=401) - + # if not request.session.get("user_id"): + # fallback_uid = request.POST.get("user_id") or request.GET.get("user_id") + # if fallback_uid: + # request.session["user_id"] = fallback_uid + # request.session.setdefault("permission", 1) + # else: + # return JsonResponse({"status": "error", "message": "未登录"}, status=401) + # file = request.FILES.get("file") if not file: return JsonResponse({"status": "error", "message": "未选择文件"}, status=400) @@ -344,18 +347,18 @@ def upload(request): # 确认并入库 @require_http_methods(["POST"]) def confirm(request): - if not request.session.get("user_id"): - # 允许从payload中带入user_id作为后备(便于前端已知用户时继续操作) - try: - payload_for_uid = json.loads(request.body.decode("utf-8")) - except Exception: - payload_for_uid = {} - fb_uid = (payload_for_uid or {}).get("user_id") - if fb_uid: - request.session["user_id"] = fb_uid - request.session.setdefault("permission", 1) - else: - return JsonResponse({"status": "error", "message": "未登录"}, status=401) + # if not request.session.get("user_id"): + # # 允许从payload中带入user_id作为后备(便于前端已知用户时继续操作) + # try: + # payload_for_uid = json.loads(request.body.decode("utf-8")) + # except Exception: + # payload_for_uid = {} + # fb_uid = (payload_for_uid or {}).get("user_id") + # if fb_uid: + # request.session["user_id"] = fb_uid + # request.session.setdefault("permission", 1) + # else: + # return JsonResponse({"status": "error", "message": "未登录"}, status=401) try: payload = json.loads(request.body.decode("utf-8")) @@ -387,11 +390,11 @@ def manage_page(request): if session_user_id is None: from django.shortcuts import redirect return redirect("/accounts/login/") - is_admin = (request.session.get("permission", 1) == 0) + # is_admin = (request.session.get("permission", 1) == 0) raw_results = search_all() - if not is_admin: - uid = str(session_user_id) - raw_results = [r for r in raw_results if str(r.get("writer_id", "")) == uid] + # if not is_admin: + # uid = str(session_user_id) + # raw_results = [r for r in raw_results if str(r.get("writer_id", "")) == uid] # 规范化键,避免模板点号访问下划线前缀字段 results = [] for r in raw_results: