From e2c93d69335bd09da158b005829df7b090c9a718 Mon Sep 17 00:00:00 2001
From: DSQ <d1594965367@qq.com>
Date: Fri, 14 Nov 2025 00:01:08 +0800
Subject: [PATCH] =?UTF-8?q?=E6=88=91=E5=96=9C=E6=AC=A2=E4=BD=A0=EF=BC=88Vi?=
 =?UTF-8?q?ajero-tect=EF=BC=89?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 db.sqlite3       | Bin 131072 -> 131072 bytes
 elastic/views.py |  63 +++++++++++++++++++++++++----------------------
 2 files changed, 33 insertions(+), 30 deletions(-)

diff --git a/db.sqlite3 b/db.sqlite3
index 1d1008efc1f014fcfd64e7c367c9a4d5634df67b..e9b53cf29cfa6b1ffd1a4845eb3dd46e26058567 100644
GIT binary patch
delta 625
zcmaixPixa)0LGJ+$=G2*uj=Sv*Ot6*^5#v7mux9+Y0|l-b)^WJ=ABKJHvih@AIRDr
zJh;P@-Y4i6m<ZPIA$an`*eV``>Fy5?zu)srr|Z+{`rG@o^6tUjnnG3H-1|g6T;9<r
zM%!$C+%9dN&647pe*Q`xoH#)b$B-L}VFF@~*wSc7VmI{#_hpii%88mqPaS{Ua$r4Y
z)8^<@Ys<YSdChCI24*%h3d<fOXNbfCoMc0fM^WFjhcFeh5r(GVV>TuDcaIw#8hWl8
z*8Jj%*>WSm#+F9fVra!3O)_k_=X#ps<f^i7%)efh&Q1?@eZLA~wabOoz9#jI<Hu^6
z9!+Yzg?bVR<nfYL?RIjZuITNiZpGcYxGO^zqA~zwh)V!ffl%f6iij~Uu@pspUjdUo
z?`4sdBL|p4kc`7I4xlIwCiV<0m1f~e>EVB!=E3_%&-8uv4<Ba-m}p8ObR{7e9Jy&y
zYbfHu=(wrZJu`CcM(4TVxuMg(nNI=&LL1Bvie?rRvtSmV@4k4=csoU%zU`*sDs<Zi
ig{Aw>zrFd;=2Pzc`pY%_?Xdj!YFkB_zH!rE%!Qu@)5Mwp

delta 626
zcmaiwPixa)0Eg4gN)a@85}Aw+dQC~*G<lQaB@4K=Ye;QNTY7PM+x%OTcj=P8N$O$E
z2Hr%a_X&Q2$-sHprw}~tgY0OB>>zA-|2^<LzvZ&HToylX=B~cHQVUm9<>Srw$+u6B
z>l9so*1Om)-8?<c-ajg6rv(N23lPolEDMVT?PRXt#0_oVoC#oJhMtI_Bu_+$((2fA
zl1VVHn9cO4?;b`y7wj$Aq!S*r-YTe_b@OXpP#nV&#(pgFk<E(&Hbid{ABraDJH`|m
zmi3pPu1?QhY~cp4!WJ8baU&JOxJAr{R5!w|3)?DhtbU%Ajz_$MnHoo$L%UrwozCdZ
z(a6yJ!EmfAE((~A+#?M#)DjlO3um_bt{v~$LTm#T2n@$D0G2quR+VZTtO$^=vVfwf
z-?yTvgi&C*feYCrS`ajLY;$U4!a5^M?=oIK*s+SfzTQW;AEG*Y=Vt(`%QsVQZaQqY
zqgy>)+Zhf>tRVG(q$=JS^o50Psh(WD&rf6lVBr(`n#$3a6n#lwUp(LcK;!a;mWxqX
zC6SyEClR?|j%+Kid|n1VmXJhd)AH@;f8XcV?dAKsy|IK+;@YBca{l8y_e*E~eQj$)
J$vy0x{{uww$U^`C

diff --git a/elastic/views.py b/elastic/views.py
index 27360ce..7a8b13d 100644
--- a/elastic/views.py
+++ b/elastic/views.py
@@ -107,8 +107,8 @@ def delete_data(request, doc_id):
 @csrf_exempt
 def update_data(request, doc_id):
     """更新数据（需登录；管理员或作者本人）"""
-    if not request.session.get("user_id"):
-        return JsonResponse({"status": "error", "message": "未登录"}, status=401)
+    # if not request.session.get("user_id"):
+    #     return JsonResponse({"status": "error", "message": "未登录"}, status=401)
     try:
         payload = json.loads(request.body.decode('utf-8'))
     except Exception:
@@ -234,11 +234,14 @@ def ocr_and_extract_info(image_path: str):
 
     base64_image = encode_image(image_path)
 
-    api_key = getattr(settings, "AISTUDIO_API_KEY", "")
-    base_url = getattr(settings, "OPENAI_BASE_URL", "https://aistudio.baidu.com/llm/lmapi/v3")
-    if not api_key:
-        raise RuntimeError("缺少 AISTUDIO_API_KEY，请在环境变量或 settings 中配置")
+    # api_key = getattr(settings, "AISTUDIO_API_KEY", "188f57db3766e02ed2c7e18373996d84f4112272")
+    # base_url = getattr(settings, "OPENAI_BASE_URL", "https://aistudio.baidu.com/llm/lmapi/v3")
+    # if not api_key:
+    #     raise RuntimeError("缺少 AISTUDIO_API_KEY，请在环境变量或 settings 中配置")
 
+
+    api_key="188f57db3766e02ed2c7e18373996d84f4112272"
+    base_url="https://aistudio.baidu.com/llm/lmapi/v3"
     client = OpenAI(api_key=api_key, base_url=base_url)
 
     chat_completion = client.chat.completions.create(
@@ -302,14 +305,14 @@ def upload_page(request):
 # 上传并识别（不入库）
 @require_http_methods(["POST"])
 def upload(request):
-    if not request.session.get("user_id"):
-        fallback_uid = request.POST.get("user_id") or request.GET.get("user_id")
-        if fallback_uid:
-            request.session["user_id"] = fallback_uid
-            request.session.setdefault("permission", 1)
-        else:
-            return JsonResponse({"status": "error", "message": "未登录"}, status=401)
-
+    # if not request.session.get("user_id"):
+    #     fallback_uid = request.POST.get("user_id") or request.GET.get("user_id")
+    #     if fallback_uid:
+    #         request.session["user_id"] = fallback_uid
+    #         request.session.setdefault("permission", 1)
+    #     else:
+    #         return JsonResponse({"status": "error", "message": "未登录"}, status=401)
+    #
     file = request.FILES.get("file")
     if not file:
         return JsonResponse({"status": "error", "message": "未选择文件"}, status=400)
@@ -344,18 +347,18 @@ def upload(request):
 # 确认并入库
 @require_http_methods(["POST"])
 def confirm(request):
-    if not request.session.get("user_id"):
-        # 允许从payload中带入user_id作为后备（便于前端已知用户时继续操作）
-        try:
-            payload_for_uid = json.loads(request.body.decode("utf-8"))
-        except Exception:
-            payload_for_uid = {}
-        fb_uid = (payload_for_uid or {}).get("user_id")
-        if fb_uid:
-            request.session["user_id"] = fb_uid
-            request.session.setdefault("permission", 1)
-        else:
-            return JsonResponse({"status": "error", "message": "未登录"}, status=401)
+    # if not request.session.get("user_id"):
+    #     # 允许从payload中带入user_id作为后备（便于前端已知用户时继续操作）
+    #     try:
+    #         payload_for_uid = json.loads(request.body.decode("utf-8"))
+    #     except Exception:
+    #         payload_for_uid = {}
+    #     fb_uid = (payload_for_uid or {}).get("user_id")
+    #     if fb_uid:
+    #         request.session["user_id"] = fb_uid
+    #         request.session.setdefault("permission", 1)
+    #     else:
+    #         return JsonResponse({"status": "error", "message": "未登录"}, status=401)
 
     try:
         payload = json.loads(request.body.decode("utf-8"))
@@ -387,11 +390,11 @@ def manage_page(request):
     if session_user_id is None:
         from django.shortcuts import redirect
         return redirect("/accounts/login/")
-    is_admin = (request.session.get("permission", 1) == 0)
+    # is_admin = (request.session.get("permission", 1) == 0)
     raw_results = search_all()
-    if not is_admin:
-        uid = str(session_user_id)
-        raw_results = [r for r in raw_results if str(r.get("writer_id", "")) == uid]
+    # if not is_admin:
+    #     uid = str(session_user_id)
+    #     raw_results = [r for r in raw_results if str(r.get("writer_id", "")) == uid]
     # 规范化键，避免模板点号访问下划线前缀字段
     results = []
     for r in raw_results: