Upload 8 files

.dockerignore

@@ -0,0 +1,18 @@
+node_modules
+npm-debug.log
+.env*
+.git
+.gitignore
+*.md
+coverage
+.nyc_output
+*.log
+logs/*
+!logs/.gitkeep
+uploads/*
+!uploads/.gitkeep
+campus_circle.db
+.vscode/
+.idea/
+.DS_Store
+Thumbs.db

Dockerfile

@@ -0,0 +1,42 @@
+# 使用官方Node.js 18 LTS镜像
+FROM node:18-slim
+
+# 设置工作目录
+WORKDIR /app
+
+# 安装系统依赖
+RUN apt-get update && apt-get install -y \
+    python3 \
+    make \
+    g++ \
+    && rm -rf /var/lib/apt/lists/*
+
+# 复制package.json和package-lock.json
+COPY package*.json ./
+
+# 安装npm依赖
+RUN npm install --omit=dev && npm cache clean --force
+
+# 复制应用代码
+COPY . .
+
+# 创建必要的目录
+RUN mkdir -p uploads logs images
+
+# 设置权限并切换用户
+RUN chown -R 1000:1000 /app
+USER 1000
+
+# 暴露Hugging Face Spaces标准端口
+EXPOSE 7860
+
+# 设置环境变量
+ENV NODE_ENV=production
+ENV PORT=7860
+
+# 健康检查
+HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
+  CMD node -e "require('http').get('http://localhost:7860/api/health', (res) => { process.exit(res.statusCode === 200 ? 0 : 1) }).on('error', () => process.exit(1))"
+
+# 启动应用
+CMD ["node", "server-mysql.js"]

README.md

@@ -1,12 +1,126 @@
 ---
-title: Campusloop
-emoji: 🐢
-colorFrom: indigo
-colorTo: green
+title: CampusLoop Backend
+emoji: 🎓
+colorFrom: blue
+colorTo: purple
 sdk: docker
 pinned: false
 license: mit
-short_description: campusloop-backend
+app_port: 7860
+startup_duration_timeout: 60s
 ---
 
-Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
+# CampusLoop Backend API
+
+校园圈社交应用后端服务，提供用户管理、动态发布、论坛讨论、活动管理等功能。
+
+## 🚀 功能特性
+
+- 🔐 **用户认证系统** - 注册、登录、JWT认证
+- 📝 **动态发布** - 文字、图片动态发布与评论
+- 💬 **论坛讨论** - 多话题论坛交流
+- 🎉 **活动管理** - 校园活动发布与参与
+- 📚 **课程表管理** - 个人课程安排
+- 🔍 **失物招领** - 校园失物发布与寻找
+- 📊 **成绩管理** - 学生成绩查询
+- 🔔 **消息通知** - 实时消息推送
+
+## 📡 API 接口文档
+
+### 认证接口
+- `POST /api/auth/register` - 用户注册
+- `POST /api/auth/login` - 用户登录
+- `GET /api/user/profile` - 获取用户信息
+
+### 动态接口
+- `GET /api/posts` - 获取动态列表
+- `POST /api/posts` - 发布动态
+- `GET /api/posts/:id/comments` - 获取动态评论
+- `POST /api/posts/:id/comments` - 添加评论
+- `POST /api/posts/:id/like` - 点赞动态
+
+### 论坛接口
+- `GET /api/forum/posts` - 获取论坛帖子
+- `POST /api/forum/posts` - 创建论坛帖子
+- `GET /api/forum/posts/:id` - 获取帖子详情
+
+### 活动接口
+- `GET /api/activities` - 获取活动列表
+- `POST /api/activities` - 创建活动
+- `POST /api/activities/:id/join` - 参加活动
+
+### 课程表接口
+- `GET /api/schedule` - 获取课程表
+- `POST /api/schedule` - 添加课程
+
+### 失物招领接口
+- `GET /api/lostfound` - 获取失物信息
+- `POST /api/lostfound` - 发布失物信息
+
+### 成绩接口
+- `GET /api/grades` - 获取成绩
+- `POST /api/grades` - 添加成绩
+
+### 通知接口
+- `GET /api/notifications` - 获取通知列表
+- `POST /api/notifications/:id/read` - 标记通知已读
+
+## 🏥 健康检查
+
+访问 `/api/health` 查看服务状态：
+
+```json
+{
+  "status": "ok",
+  "timestamp": "2024-11-14T03:00:00.000Z",
+  "service": "campusloop-backend"
+}
+```
+
+## 🛠 技术栈
+
+- **后端框架**: Node.js + Express.js
+- **数据库**: MySQL
+- **认证**: JWT (JSON Web Tokens)
+- **文件上传**: Multer
+- **日志系统**: Winston
+- **实时通信**: Socket.io
+- **安全**: Helmet + CORS
+- **容器化**: Docker
+
+## 🔧 环境配置
+
+应用需要以下环境变量：
+
+```bash
+NODE_ENV=production
+PORT=7860
+MYSQL_HOST=your_mysql_host
+MYSQL_PORT=your_mysql_port
+MYSQL_USER=your_mysql_user
+MYSQL_PASSWORD=your_mysql_password
+MYSQL_DATABASE=campus_circle
+JWT_SECRET=your_jwt_secret
+```
+
+## 📝 使用说明
+
+1. **健康检查**: `GET /api/health`
+2. **用户注册**: `POST /api/auth/register`
+3. **用户登录**: `POST /api/auth/login`
+4. **获取动态**: `GET /api/posts`
+
+## 🎯 部署信息
+
+- **平台**: Hugging Face Spaces
+- **端口**: 7860
+- **协议**: HTTPS
+- **域名**: 自动分配 `.hf.space` 域名
+
+## 📄 许可证
+
+MIT License - 详见 LICENSE 文件
+
+---
+
+由响指AI开发 🤖

db-config.js

@@ -0,0 +1,709 @@
+// db-config.js - 数据库配置和连接管理
+require('dotenv').config();
+const mysql = require('mysql2/promise');
+
+// MySQL 连接池配置
+const pool = mysql.createPool({
+  host: process.env.MYSQL_HOST || 'gz-cdb-1xrcr3dt.sql.tencentcdb.com',
+  port: process.env.MYSQL_PORT || 23767,
+  user: process.env.MYSQL_USER || 'root',
+  password: process.env.MYSQL_PASSWORD,
+  database: process.env.MYSQL_DATABASE || 'campus_circle',
+  waitForConnections: true,
+  connectionLimit: 10,
+  queueLimit: 0,
+  enableKeepAlive: true,
+  keepAliveInitialDelay: 0,
+  connectTimeout: 60000, // 60秒连接超时
+  acquireTimeout: 60000, // 60秒获取连接超时
+  timeout: 60000, // 60秒查询超时
+  timezone: '+08:00' // 设置为北京时间（东八区）
+});
+
+// 初始化数据库表
+async function initDatabase() {
+  const connection = await pool.getConnection();
+  
+  try {
+    console.log('开始初始化MySQL数据库...');
+    
+    // 创建用户表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS users (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        username VARCHAR(255) UNIQUE NOT NULL,
+        email VARCHAR(255) UNIQUE NOT NULL,
+        password VARCHAR(255) NOT NULL,
+        avatar LONGTEXT,
+        bio TEXT,
+        role VARCHAR(50) DEFAULT 'user',
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 为现有用户表添加role字段（如果不存在）
+    try {
+      await connection.query(`
+        ALTER TABLE users ADD COLUMN role VARCHAR(50) DEFAULT 'user'
+      `);
+      console.log('✅ role字段添加成功');
+    } catch (error) {
+      if (error.code === 'ER_DUP_FIELDNAME') {
+        console.log('role字段已存在，跳过添加');
+      } else {
+        console.log('添加role字段时出错:', error.message);
+      }
+    }
+
+    // 为现有用户表添加student_id字段（如果不存在）
+    try {
+      await connection.query(`
+        ALTER TABLE users ADD COLUMN student_id VARCHAR(50) DEFAULT NULL
+      `);
+      console.log('✅ student_id字段添加成功');
+    } catch (error) {
+      if (error.code === 'ER_DUP_FIELDNAME') {
+        console.log('student_id字段已存在，跳过添加');
+      } else {
+        console.log('添加student_id字段时出错:', error.message);
+      }
+    }
+
+    // 为现有用户表添加phone字段（如果不存在）
+    try {
+      await connection.query(`
+        ALTER TABLE users ADD COLUMN phone VARCHAR(20) DEFAULT NULL
+      `);
+      console.log('✅ phone字段添加成功');
+    } catch (error) {
+      if (error.code === 'ER_DUP_FIELDNAME') {
+        console.log('phone字段已存在，跳过添加');
+      } else {
+        console.log('添加phone字段时出错:', error.message);
+      }
+    }
+
+    // 为现有用户表添加major字段（如果不存在）
+    try {
+      await connection.query(`
+        ALTER TABLE users ADD COLUMN major VARCHAR(100) DEFAULT NULL
+      `);
+      console.log('✅ major字段添加成功');
+    } catch (error) {
+      if (error.code === 'ER_DUP_FIELDNAME') {
+        console.log('major字段已存在，跳过添加');
+      } else {
+        console.log('添加major字段时出错:', error.message);
+      }
+    }
+
+    // 为现有用户表添加grade字段（如果不存在）
+    try {
+      await connection.query(`
+        ALTER TABLE users ADD COLUMN grade VARCHAR(20) DEFAULT NULL
+      `);
+      console.log('✅ grade字段添加成功');
+    } catch (error) {
+      if (error.code === 'ER_DUP_FIELDNAME') {
+        console.log('grade字段已存在，跳过添加');
+      } else {
+        console.log('添加grade字段时出错:', error.message);
+      }
+    }
+
+    // 为现有用户表添加gender字段（如果不存在）
+    try {
+      await connection.query(`
+        ALTER TABLE users ADD COLUMN gender VARCHAR(10) DEFAULT NULL
+      `);
+      console.log('✅ gender字段添加成功');
+    } catch (error) {
+      if (error.code === 'ER_DUP_FIELDNAME') {
+        console.log('gender字段已存在，跳过添加');
+      } else {
+        console.log('添加gender字段时出错:', error.message);
+      }
+    }
+
+    // 升级avatar字段类型以支持base64存储
+    try {
+      await connection.query(`
+        ALTER TABLE users MODIFY COLUMN avatar LONGTEXT
+      `);
+      console.log('✅ avatar字段类型已升级为LONGTEXT');
+    } catch (error) {
+      console.log('升级avatar字段类型时出错:', error.message);
+    }
+
+    // 为现有失物招领表添加images字段（如果不存在）
+    try {
+      await connection.query(`
+        ALTER TABLE lost_found ADD COLUMN images LONGTEXT DEFAULT NULL
+      `);
+      console.log('✅ lost_found表images字段添加成功');
+    } catch (error) {
+      if (error.code === 'ER_DUP_FIELDNAME') {
+        console.log('lost_found表images字段已存在，尝试升级字段类型');
+        // 尝试���级字段类型为LONGTEXT
+        try {
+          await connection.query(`
+            ALTER TABLE lost_found MODIFY COLUMN images LONGTEXT DEFAULT NULL
+          `);
+          console.log('✅ lost_found表images字段升级为LONGTEXT成功');
+        } catch (modifyError) {
+          console.log('升级lost_found表images字段类型时出错:', modifyError.message);
+        }
+      } else {
+        console.log('添加lost_found表images字段时出错:', error.message);
+        // 如果是其他错误，继续执行但记录日志
+      }
+    }
+
+    // 创建动态表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS posts (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        user_id INT NOT NULL,
+        content TEXT,
+        image LONGTEXT,
+        likes INT DEFAULT 0,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        INDEX idx_user_id (user_id),
+        INDEX idx_created_at (created_at)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+    
+    // 升级posts表的image字段类型
+    try {
+      await connection.query(`
+        ALTER TABLE posts MODIFY COLUMN image LONGTEXT
+      `);
+      console.log('✅ posts表image字段已升级为LONGTEXT');
+    } catch (error) {
+      console.log('升级posts表image字段时出错:', error.message);
+    }
+    
+    // 修改content字段为可选
+    try {
+      await connection.query(`
+        ALTER TABLE posts MODIFY COLUMN content TEXT
+      `);
+      console.log('✅ posts表content字段已改为可选');
+    } catch (error) {
+      console.log('修改posts表content字段时出错:', error.message);
+    }
+
+    // 创建评论表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS comments (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        post_id INT NOT NULL,
+        user_id INT NOT NULL,
+        content TEXT NOT NULL,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (post_id) REFERENCES posts(id) ON DELETE CASCADE,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        INDEX idx_post_id (post_id)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建点赞表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS likes (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        post_id INT NOT NULL,
+        user_id INT NOT NULL,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (post_id) REFERENCES posts(id) ON DELETE CASCADE,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        UNIQUE KEY unique_like (post_id, user_id),
+        INDEX idx_post_id (post_id),
+        INDEX idx_user_id (user_id)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建活动表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS activities (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        title VARCHAR(255) NOT NULL,
+        description TEXT NOT NULL,
+        location VARCHAR(255) NOT NULL,
+        start_time DATETIME NOT NULL,
+        end_time DATETIME NOT NULL,
+        organizer_id INT NOT NULL,
+        participants INT DEFAULT 0,
+        status VARCHAR(50) DEFAULT 'active',
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (organizer_id) REFERENCES users(id) ON DELETE CASCADE,
+        INDEX idx_status (status),
+        INDEX idx_start_time (start_time)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建活动参与表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS activity_participants (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        activity_id INT NOT NULL,
+        user_id INT NOT NULL,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (activity_id) REFERENCES activities(id) ON DELETE CASCADE,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        UNIQUE KEY unique_participant (activity_id, user_id)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建好友关系表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS friendships (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        user_id INT NOT NULL,
+        friend_id INT NOT NULL,
+        status VARCHAR(20) DEFAULT 'pending',
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        FOREIGN KEY (friend_id) REFERENCES users(id) ON DELETE CASCADE,
+        INDEX idx_user_id (user_id),
+        INDEX idx_friend_id (friend_id),
+        INDEX idx_status (status)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建聊天消息表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS chat_messages (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        sender_id INT NOT NULL,
+        receiver_id INT NOT NULL,
+        content TEXT NOT NULL,
+        type VARCHAR(20) DEFAULT 'text',
+        is_read BOOLEAN DEFAULT FALSE,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (sender_id) REFERENCES users(id) ON DELETE CASCADE,
+        FOREIGN KEY (receiver_id) REFERENCES users(id) ON DELETE CASCADE,
+        INDEX idx_sender_id (sender_id),
+        INDEX idx_receiver_id (receiver_id),
+        INDEX idx_created_at (created_at)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建课程表表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS schedules (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        user_id INT NOT NULL,
+        course_name VARCHAR(255) NOT NULL,
+        teacher VARCHAR(255) NOT NULL,
+        weekday INT NOT NULL,
+        start_time VARCHAR(10) NOT NULL,
+        end_time VARCHAR(10) NOT NULL,
+        classroom VARCHAR(255) DEFAULT '',
+        week_start INT DEFAULT 1,
+        week_end INT DEFAULT 16,
+        week_type VARCHAR(20) DEFAULT 'all',
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        INDEX idx_user_id (user_id)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建论坛帖子表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS forum_posts (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        user_id INT NOT NULL,
+        title VARCHAR(255) NOT NULL,
+        content TEXT NOT NULL,
+        topic VARCHAR(100) NOT NULL,
+        replies INT DEFAULT 0,
+        views INT DEFAULT 0,
+        likes INT DEFAULT 0,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        INDEX idx_topic (topic),
+        INDEX idx_created_at (created_at)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建论坛帖子点赞表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS forum_post_likes (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        post_id INT NOT NULL,
+        user_id INT NOT NULL,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (post_id) REFERENCES forum_posts(id) ON DELETE CASCADE,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        UNIQUE KEY unique_like (post_id, user_id)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建论坛帖子评论表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS forum_post_comments (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        post_id INT NOT NULL,
+        user_id INT NOT NULL,
+        content TEXT NOT NULL,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (post_id) REFERENCES forum_posts(id) ON DELETE CASCADE,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        INDEX idx_post_id (post_id)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建失物招领表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS lost_found (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        user_id INT NOT NULL,
+        title VARCHAR(255) NOT NULL,
+        description TEXT NOT NULL,
+        category VARCHAR(100) NOT NULL,
+        status VARCHAR(50) DEFAULT 'active',
+        contact VARCHAR(255) DEFAULT '',
+        images LONGTEXT DEFAULT NULL,
+        likes INT DEFAULT 0,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        INDEX idx_category (category),
+        INDEX idx_status (status)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建失物招领点赞表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS lost_found_likes (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        item_id INT NOT NULL,
+        user_id INT NOT NULL,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (item_id) REFERENCES lost_found(id) ON DELETE CASCADE,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        UNIQUE KEY unique_like (item_id, user_id)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建成绩表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS grades (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        user_id INT NOT NULL,
+        course_name VARCHAR(255) NOT NULL,
+        score DECIMAL(5,2) NOT NULL,
+        semester VARCHAR(100) NOT NULL,
+        credit INT DEFAULT 3,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        INDEX idx_user_id (user_id)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建失物招领点赞表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS lost_found_likes (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        item_id INT NOT NULL,
+        user_id INT NOT NULL,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (item_id) REFERENCES lost_found(id) ON DELETE CASCADE,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        UNIQUE KEY unique_like (item_id, user_id)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建通知表
+    await connection.query(`
+      CREATE TABLE IF NOT EXISTS notifications (
+        id INT PRIMARY KEY AUTO_INCREMENT,
+        user_id INT NOT NULL,
+        type VARCHAR(100) NOT NULL,
+        title VARCHAR(255) NOT NULL,
+        message TEXT NOT NULL,
+        read_status TINYINT DEFAULT 0,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        INDEX idx_user_id (user_id),
+        INDEX idx_read_status (read_status)
+      ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+    `);
+
+    // 创建默认管理员账户
+    const bcrypt = require('bcrypt');
+    const hashedPassword = await bcrypt.hash('admin', 10);
+    
+    // 创建或更新管理员账户
+    try {
+      // 首先检查是否已存在admin用户
+      const [existingAdmin] = await connection.query(
+        'SELECT id FROM users WHERE username = ? OR email = ?',
+        ['admin', 'admin@campus.edu']
+      );
+
+      if (existingAdmin.length > 0) {
+        // 管理员用户已存在，更新密码和角色（使用默认头像）
+        await connection.query(`
+          UPDATE users SET password = ?, role = 'admin', avatar = '/images/default-avatar.svg' 
+          WHERE username = 'admin' OR email = 'admin@campus.edu'
+        `, [hashedPassword]);
+        console.log('👑 管理员账户更新成功: admin/admin');
+      } else {
+        // 管理员用户不存在，创建新的
+        try {
+          await connection.query(`
+            INSERT INTO users (username, email, password, role, avatar) 
+            VALUES ('admin', 'admin@campus.edu', ?, 'admin', '/images/default-avatar.svg')
+          `, [hashedPassword]);
+          console.log('👑 管理员账户创建成功: admin/admin (新建)');
+        } catch (insertError) {
+          if (insertError.code === 'ER_BAD_FIELD_ERROR') {
+            // role字段不存在，使用不带role的插入语句
+            await connection.query(`
+              INSERT INTO users (username, email, password, avatar) 
+              VALUES ('admin', 'admin@campus.edu', ?, '/images/default-avatar.svg')
+            `, [hashedPassword]);
+            console.log('👑 管理员账户创建成功: admin/admin (无role字段)');
+          } else {
+            throw insertError;
+          }
+        }
+      }
+    } catch (error) {
+      console.error('❌ 管理员账户创建/更新失败:', error.message);
+      // 不抛出错误，继续执行
+    }
+
+    // 插入示例数据
+    try {
+      console.log('🎯 开始插入示例数据...');
+
+      // 插入论坛帖子样例数据
+      await connection.query(`
+        INSERT IGNORE INTO forum_posts (id, user_id, title, content, topic, replies, views, likes, created_at) 
+        VALUES (1, 2, '如何高效学习数据结构与算法？', '最近在学数据结构，感觉有些吃力，有没有好的学习方法和资源推荐？', 'study', 15, 128, 8, '2024-01-15 10:30:00')
+      `);
+      
+      await connection.query(`
+        INSERT IGNORE INTO forum_posts (id, user_id, title, content, topic, replies, views, likes, created_at) 
+        VALUES (2, 2, '校园食堂新菜品试吃活动', '听说食堂要推出新菜品了，有没有同学想一起去试吃的？', 'life', 8, 95, 12, '2024-01-14 15:20:00')
+      `);
+      
+      await connection.query(`
+        INSERT IGNORE INTO forum_posts (id, user_id, title, content, topic, replies, views, likes, created_at) 
+        VALUES (3, 2, 'React开发经验分享', '分享一些React开发中的最佳实践和常见问题解决方案', 'tech', 22, 186, 25, '2024-01-13 09:15:00')
+      `);
+
+      // 插入活动样例数据
+      await connection.query(`
+        INSERT IGNORE INTO activities (id, title, description, location, start_time, end_time, organizer_id, participants, status, created_at) 
+        VALUES (1, '校园科技节开幕式', '第十届校园科技节即将开幕，欢迎广大师生参与！本次科技节将展示最新的科技成果和学生创新项目。', '学校大礼堂', '2024-12-20 09:00:00', '2024-12-20 12:00:00', 2, 156, 'active', '2024-11-15 10:30:00')
+      `);
+      
+      await connection.query(`
+        INSERT IGNORE INTO activities (id, title, description, location, start_time, end_time, organizer_id, participants, status, created_at) 
+        VALUES (2, '春季篮球联赛', '校园春季篮球联赛火热开赛，各学院代表队将展开激烈角逐，精彩不容错过！', '���育馆', '2024-12-25 14:00:00', '2024-12-25 18:00:00', 2, 89, 'active', '2024-11-14 15:20:00')
+      `);
+      
+      await connection.query(`
+        INSERT IGNORE INTO activities (id, title, description, location, start_time, end_time, organizer_id, participants, status, created_at) 
+        VALUES (3, '迎新文艺晚会', '迎新文艺晚会正在紧张彩排中，各社团精心准备的节目即将与大家见面。', '艺术中心', '2024-12-18 19:00:00', '2024-12-18 21:00:00', 2, 45, 'active', '2024-11-13 09:15:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO activities (id, title, description, location, start_time, end_time, organizer_id, participants, status, created_at) 
+        VALUES (4, '编程马拉松大赛', '24小时编程挑战赛，展示你的编程技能，与顶尖程序员同台竞技！奖品丰厚，欢迎报名参加。', '计算机学院实验楼', '2025-01-01 09:00:00', '2025-01-02 09:00:00', 2, 78, 'active', '2024-11-16 14:30:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO activities (id, title, description, location, start_time, end_time, organizer_id, participants, status, created_at) 
+        VALUES (5, '校园招聘会', '知名企业校园招聘会，提供实习和就业机会，涵盖IT、金融、制造等多个行业。', '学生活动中心', '2025-01-05 10:00:00', '2025-01-05 17:00:00', 2, 234, 'active', '2024-11-17 11:20:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO activities (id, title, description, location, start_time, end_time, organizer_id, participants, status, created_at) 
+        VALUES (6, '环保志愿活动', '校园环保志愿活动，一起为美丽校园贡献力量！清理校园垃圾，种植绿色植物。', '校园各区域', '2025-01-08 08:00:00', '2025-01-08 12:00:00', 2, 67, 'active', '2024-11-18 16:45:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO activities (id, title, description, location, start_time, end_time, organizer_id, participants, status, created_at) 
+        VALUES (7, '学术讲座：人工智能前沿', '邀请知名AI专家分享人工智能最新发展趋势，探讨未来科技发展方向。', '学术报告厅', '2025-01-12 15:00:00', '2025-01-12 17:00:00', 2, 123, 'active', '2024-11-19 10:15:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO activities (id, title, description, location, start_time, end_time, organizer_id, participants, status, created_at) 
+        VALUES (8, '社团嘉年华', '各大社团展示活动，精彩表演、互动游戏、美食品尝，体验丰富多彩的社团文化！', '中央广场', '2025-01-15 14:00:00', '2025-01-15 20:00:00', 2, 189, 'active', '2024-11-20 13:30:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO activities (id, title, description, location, start_time, end_time, organizer_id, participants, status, created_at) 
+        VALUES (9, '创业项目路演', '学生创业项目路演大赛，展示创新创业成果，获得投资机会和创业指导。', '创新创业中心', '2025-01-18 13:30:00', '2025-01-18 17:30:00', 2, 56, 'active', '2024-11-21 09:45:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO activities (id, title, description, location, start_time, end_time, organizer_id, participants, status, created_at) 
+        VALUES (10, '春游踏青活动', '春暖花开，组织全校师生春游踏青，亲近自然，放松身心，增进友谊。', '郊外公园', '2025-01-22 08:00:00', '2025-01-22 18:00:00', 2, 145, 'active', '2024-11-22 12:20:00')
+      `);
+
+      // 插入活动参与者样例数据
+      await connection.query(`
+        INSERT IGNORE INTO activity_participants (activity_id, user_id, created_at) 
+        VALUES (1, 2, '2024-01-16 10:30:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO activity_participants (activity_id, user_id, created_at) 
+        VALUES (2, 2, '2024-01-15 15:20:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO activity_participants (activity_id, user_id, created_at) 
+        VALUES (4, 2, '2024-01-17 14:30:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO activity_participants (activity_id, user_id, created_at) 
+        VALUES (5, 2, '2024-01-18 11:20:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO activity_participants (activity_id, user_id, created_at) 
+        VALUES (7, 2, '2024-01-20 10:15:00')
+      `);
+
+      // 插入课程表样例数据
+      await connection.query(`
+        INSERT IGNORE INTO schedules (id, user_id, course_name, teacher, weekday, start_time, end_time, classroom, created_at) 
+        VALUES (1, 2, '高等数学A', '张教授', 1, '08:00', '09:40', '教学楼A201', '2024-01-15 00:00:00')
+      `);
+      
+      await connection.query(`
+        INSERT IGNORE INTO schedules (id, user_id, course_name, teacher, weekday, start_time, end_time, classroom, created_at) 
+        VALUES (2, 2, '大学英语', '李老师', 2, '10:00', '11:40', '教学楼B305', '2024-01-15 00:00:00')
+      `);
+      
+      await connection.query(`
+        INSERT IGNORE INTO schedules (id, user_id, course_name, teacher, weekday, start_time, end_time, classroom, created_at) 
+        VALUES (3, 2, '程序设计基础', '王老师', 3, '14:00', '15:40', '实验楼C102', '2024-01-15 00:00:00')
+      `);
+
+      // 插入失物招领样例数据
+      await connection.query(`
+        INSERT IGNORE INTO lost_found (id, user_id, title, description, category, status, contact, created_at) 
+        VALUES (1, 2, '苹果手机 iPhone 14', '黑色iPhone 14，在图书馆三楼遗失，手机壳是透明的', 'electronics', 'active', '微信：abc123', '2024-01-15 10:30:00')
+      `);
+      
+      await connection.query(`
+        INSERT IGNORE INTO lost_found (id, user_id, title, description, category, status, contact, created_at) 
+        VALUES (2, 2, '高等数学教材', '同济版高等数学上册，封面有些磨损，内有笔记', 'books', 'active', 'QQ：123456789', '2024-01-14 15:20:00')
+      `);
+      
+      await connection.query(`
+        INSERT IGNORE INTO lost_found (id, user_id, title, description, category, status, contact, created_at) 
+        VALUES (3, 2, '黑色钥匙串', '有宿舍钥匙和自行车钥匙，钥匙串上有小熊挂件', 'keys', 'resolved', '电话：138****5678', '2024-01-13 09:15:00')
+      `);
+
+      // 插入动态样例数据
+      await connection.query(`
+        INSERT IGNORE INTO posts (id, user_id, content, likes, created_at) 
+        VALUES 
+        (1, 2, '欢迎来到校园圈！这里是同学们分享校园生活的地方。', 5, '2024-01-15 08:00:00'),
+        (2, 2, '今天天气真不错，适合在校园里走走拍照。', 8, '2024-01-14 16:30:00'),
+        (3, 2, '图书馆新到了一批好书，推荐大家去看看！📚', 12, '2024-01-13 14:20:00'),
+        (4, 2, '食堂今天的新菜品超好吃！强烈推荐麻辣香锅🍲', 15, '2024-01-12 12:30:00'),
+        (5, 2, '期末考试加油！大家一起努力💪', 20, '2024-01-11 09:00:00'),
+        (6, 2, '校园篮球赛精彩瞬间，我们班赢了！🏀', 18, '2024-01-10 17:45:00'),
+        (7, 2, '分享一个学习小技巧：番茄工作法真的很有效！', 25, '2024-01-09 20:15:00'),
+        (8, 2, '校园的樱花开了，太美了！春天来了🌸', 30, '2024-01-08 15:30:00'),
+        (9, 2, '求推荐好用的学习APP，有没有同学分享一下？', 10, '2024-01-07 11:00:00'),
+        (10, 2, '今天参加了社团活动，认识了很多新朋友😊', 22, '2024-01-06 18:20:00')
+      `);
+
+      // 插入成绩样例数据
+      await connection.query(`
+        INSERT IGNORE INTO grades (id, user_id, course_name, score, semester, credit, created_at) 
+        VALUES (1, 2, '高等数学A', 92, '2024春季', 4, '2024-01-15 00:00:00')
+      `);
+      
+      await connection.query(`
+        INSERT IGNORE INTO grades (id, user_id, course_name, score, semester, credit, created_at) 
+        VALUES (2, 2, '大学英语', 88, '2024春季', 3, '2024-01-15 00:00:00')
+      `);
+      
+      await connection.query(`
+        INSERT IGNORE INTO grades (id, user_id, course_name, score, semester, credit, created_at) 
+        VALUES (3, 2, '程序设计基础', 95, '2024春季', 3, '2024-01-15 00:00:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO grades (id, user_id, course_name, score, semester, credit, created_at) 
+        VALUES (4, 2, '线性代数', 85, '2024春季', 3, '2024-01-15 00:00:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO grades (id, user_id, course_name, score, semester, credit, created_at) 
+        VALUES (5, 2, '大学物理', 90, '2024春季', 4, '2024-01-15 00:00:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO grades (id, user_id, course_name, score, semester, credit, created_at) 
+        VALUES (6, 2, '数据结构', 93, '2024秋季', 4, '2024-09-01 00:00:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO grades (id, user_id, course_name, score, semester, credit, created_at) 
+        VALUES (7, 2, '计算机网络', 87, '2024秋季', 3, '2024-09-01 00:00:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO grades (id, user_id, course_name, score, semester, credit, created_at) 
+        VALUES (8, 2, '操作系统', 91, '2024秋季', 4, '2024-09-01 00:00:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO grades (id, user_id, course_name, score, semester, credit, created_at) 
+        VALUES (9, 2, '数据库原理', 89, '2024秋季', 3, '2024-09-01 00:00:00')
+      `);
+
+      await connection.query(`
+        INSERT IGNORE INTO grades (id, user_id, course_name, score, semester, credit, created_at) 
+        VALUES (10, 2, '软件工程', 94, '2024秋季', 3, '2024-09-01 00:00:00')
+      `);
+
+      console.log('🎉 示例数据插入完成');
+    } catch (error) {
+      console.error('❌ 示例数据插入失败:', error.message);
+      // 不抛出错误，继续执行
+    }
+
+    console.log('✅ 数据库初始化完成');
+  } catch (error) {
+    console.error('❌ 数据库初始化失败:', error);
+    throw error;
+  } finally {
+    connection.release();
+  }
+}
+
+// 测试数据库连接
+async function testConnection() {
+  try {
+    const connection = await pool.getConnection();
+    console.log('✅ MySQL数据库连接成功！');
+    console.log('主机:', process.env.MYSQL_HOST);
+    console.log('端口:', process.env.MYSQL_PORT);
+    console.log('数据库:', process.env.MYSQL_DATABASE);
+    connection.release();
+    return true;
+  } catch (error) {
+    console.error('❌ MySQL数据库连接失败:', error.message);
+    return false;
+  }
+}
+
+module.exports = {
+  pool,
+  initDatabase,
+  testConnection
+};

package-lock.json

@@ -0,0 +1,29 @@
+{
+  "name": "campusloop-backend-hf",
+  "version": "1.0.0",
+  "lockfileVersion": 2,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "campusloop-backend-hf",
+      "version": "1.0.0",
+      "license": "MIT",
+      "dependencies": {
+        "bcrypt": "^5.1.0",
+        "cors": "^2.8.5",
+        "dotenv": "^16.0.0",
+        "express": "^4.18.0",
+        "express-validator": "^6.14.0",
+        "helmet": "^6.0.0",
+        "jsonwebtoken": "^9.0.0",
+        "multer": "^1.4.4",
+        "mysql2": "^3.6.0",
+        "winston": "^3.8.0"
+      },
+      "engines": {
+        "node": ">=18.0.0",
+        "npm": ">=8.0.0"
+      }
+    }
+  }
+}

package.json

@@ -0,0 +1,30 @@
+{
+  "name": "campusloop-backend-hf",
+  "version": "1.0.0",
+  "description": "CampusLoop Backend API for Hugging Face Spaces",
+  "main": "server-mysql.js",
+  "scripts": {
+    "start": "node server-mysql.js",
+    "dev": "node server-mysql.js",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": ["campus", "social", "backend", "api", "mysql"],
+  "author": "响指AI",
+  "license": "MIT",
+  "dependencies": {
+    "bcrypt": "^5.1.0",
+    "cors": "^2.8.5",
+    "dotenv": "^16.0.0",
+    "express": "^4.18.0",
+    "express-validator": "^6.14.0",
+    "helmet": "^6.0.0",
+    "jsonwebtoken": "^9.0.0",
+    "multer": "1.4.4-lts.1",
+    "mysql2": "^3.6.0",
+    "winston": "^3.8.0"
+  },
+  "engines": {
+    "node": ">=18.0.0",
+    "npm": ">=8.0.0"
+  }
+}

r2-storage.js

@@ -0,0 +1,270 @@
+/**
+ * Cloudflare R2 图片存储模块
+ * 
+ * 配置说明：
+ * 在 .env 文件中添加以下环境变量：
+ * R2_ACCOUNT_ID=你的Cloudflare账户ID
+ * R2_ACCESS_KEY_ID=你的R2访问密钥ID
+ * R2_SECRET_ACCESS_KEY=你的R2秘密访问密钥
+ * R2_BUCKET_NAME=campusloop-images
+ * R2_PUBLIC_URL=https://你的公开访问域名（可选）
+ */
+
+const crypto = require('crypto');
+const https = require('https');
+const http = require('http');
+
+class R2Storage {
+  constructor() {
+    this.accountId = process.env.R2_ACCOUNT_ID;
+    this.accessKeyId = process.env.R2_ACCESS_KEY_ID;
+    this.secretAccessKey = process.env.R2_SECRET_ACCESS_KEY;
+    this.bucketName = process.env.R2_BUCKET_NAME || 'campusloop-images';
+    this.publicUrl = process.env.R2_PUBLIC_URL;
+    
+    // R2 端点
+    this.endpoint = `${this.accountId}.r2.cloudflarestorage.com`;
+    this.region = 'auto';
+    this.service = 's3';
+  }
+
+  /**
+   * 检查 R2 是否已配置
+   */
+  isConfigured() {
+    return !!(this.accountId && this.accessKeyId && this.secretAccessKey);
+  }
+
+  /**
+   * 生成 AWS Signature V4 签名
+   */
+  sign(key, msg) {
+    return crypto.createHmac('sha256', key).update(msg, 'utf8').digest();
+  }
+
+  getSignatureKey(dateStamp) {
+    const kDate = this.sign('AWS4' + this.secretAccessKey, dateStamp);
+    const kRegion = this.sign(kDate, this.region);
+    const kService = this.sign(kRegion, this.service);
+    const kSigning = this.sign(kService, 'aws4_request');
+    return kSigning;
+  }
+
+  /**
+   * 上传文件到 R2
+   * @param {Buffer} fileBuffer - 文件内容
+   * @param {string} fileName - 文件名
+   * @param {string} contentType - MIME 类型
+   * @param {Object} options - 可选配置
+   * @param {string} options.customKey - 自定义存储路径（用于覆盖上传）
+   * @returns {Promise<{success: boolean, url: string, key: string}>}
+   */
+  async uploadFile(fileBuffer, fileName, contentType, options = {}) {
+    if (!this.isConfigured()) {
+      throw new Error('R2 存储未配置，请设置环境变量');
+    }
+
+    let key;
+    if (options.customKey) {
+      // 使用自定义路径（用于头像等需要覆盖的场景）
+      key = options.customKey;
+    } else {
+      // 生成唯一的文件名
+      const timestamp = Date.now();
+      const randomStr = crypto.randomBytes(8).toString('hex');
+      const ext = fileName.split('.').pop() || 'jpg';
+      key = `uploads/${timestamp}-${randomStr}.${ext}`;
+    }
+
+    const now = new Date();
+    const amzDate = now.toISOString().replace(/[:-]|\.\d{3}/g, '');
+    const dateStamp = amzDate.slice(0, 8);
+
+    const method = 'PUT';
+    const canonicalUri = `/${this.bucketName}/${key}`;
+    const host = this.endpoint;
+
+    // 计算内容哈希
+    const payloadHash = crypto.createHash('sha256').update(fileBuffer).digest('hex');
+
+    // 构建规范请求
+    const canonicalHeaders = [
+      `content-type:${contentType}`,
+      `host:${host}`,
+      `x-amz-content-sha256:${payloadHash}`,
+      `x-amz-date:${amzDate}`
+    ].join('\n') + '\n';
+
+    const signedHeaders = 'content-type;host;x-amz-content-sha256;x-amz-date';
+
+    const canonicalRequest = [
+      method,
+      canonicalUri,
+      '', // 查询字符串为空
+      canonicalHeaders,
+      signedHeaders,
+      payloadHash
+    ].join('\n');
+
+    // 构建待签名字符串
+    const algorithm = 'AWS4-HMAC-SHA256';
+    const credentialScope = `${dateStamp}/${this.region}/${this.service}/aws4_request`;
+    const canonicalRequestHash = crypto.createHash('sha256').update(canonicalRequest).digest('hex');
+
+    const stringToSign = [
+      algorithm,
+      amzDate,
+      credentialScope,
+      canonicalRequestHash
+    ].join('\n');
+
+    // 计算签名
+    const signingKey = this.getSignatureKey(dateStamp);
+    const signature = crypto.createHmac('sha256', signingKey).update(stringToSign).digest('hex');
+
+    // 构建授权头
+    const authorization = `${algorithm} Credential=${this.accessKeyId}/${credentialScope}, SignedHeaders=${signedHeaders}, Signature=${signature}`;
+
+    // 发送请求
+    return new Promise((resolve, reject) => {
+      const options = {
+        hostname: host,
+        port: 443,
+        path: canonicalUri,
+        method: method,
+        headers: {
+          'Content-Type': contentType,
+          'Content-Length': fileBuffer.length,
+          'Host': host,
+          'X-Amz-Content-Sha256': payloadHash,
+          'X-Amz-Date': amzDate,
+          'Authorization': authorization
+        }
+      };
+
+      const req = https.request(options, (res) => {
+        let data = '';
+        res.on('data', chunk => data += chunk);
+        res.on('end', () => {
+          if (res.statusCode === 200 || res.statusCode === 201) {
+            // 构建公开访问 URL
+            let publicUrl;
+            if (this.publicUrl) {
+              publicUrl = `${this.publicUrl}/${key}`;
+            } else {
+              // 使用 R2 公开访问 URL（需要在 Cloudflare 配置）
+              publicUrl = `https://pub-${this.accountId}.r2.dev/${this.bucketName}/${key}`;
+            }
+
+            resolve({
+              success: true,
+              url: publicUrl,
+              key: key,
+              size: fileBuffer.length
+            });
+          } else {
+            reject(new Error(`R2 上传失败: ${res.statusCode} - ${data}`));
+          }
+        });
+      });
+
+      req.on('error', (error) => {
+        reject(new Error(`R2 请求错误: ${error.message}`));
+      });
+
+      req.write(fileBuffer);
+      req.end();
+    });
+  }
+
+  /**
+   * 删除文件
+   * @param {string} key - 文件键名
+   */
+  async deleteFile(key) {
+    if (!this.isConfigured()) {
+      throw new Error('R2 存储未配置');
+    }
+
+    const now = new Date();
+    const amzDate = now.toISOString().replace(/[:-]|\.\d{3}/g, '');
+    const dateStamp = amzDate.slice(0, 8);
+
+    const method = 'DELETE';
+    const canonicalUri = `/${this.bucketName}/${key}`;
+    const host = this.endpoint;
+
+    const payloadHash = crypto.createHash('sha256').update('').digest('hex');
+
+    const canonicalHeaders = [
+      `host:${host}`,
+      `x-amz-content-sha256:${payloadHash}`,
+      `x-amz-date:${amzDate}`
+    ].join('\n') + '\n';
+
+    const signedHeaders = 'host;x-amz-content-sha256;x-amz-date';
+
+    const canonicalRequest = [
+      method,
+      canonicalUri,
+      '',
+      canonicalHeaders,
+      signedHeaders,
+      payloadHash
+    ].join('\n');
+
+    const algorithm = 'AWS4-HMAC-SHA256';
+    const credentialScope = `${dateStamp}/${this.region}/${this.service}/aws4_request`;
+    const canonicalRequestHash = crypto.createHash('sha256').update(canonicalRequest).digest('hex');
+
+    const stringToSign = [
+      algorithm,
+      amzDate,
+      credentialScope,
+      canonicalRequestHash
+    ].join('\n');
+
+    const signingKey = this.getSignatureKey(dateStamp);
+    const signature = crypto.createHmac('sha256', signingKey).update(stringToSign).digest('hex');
+
+    const authorization = `${algorithm} Credential=${this.accessKeyId}/${credentialScope}, SignedHeaders=${signedHeaders}, Signature=${signature}`;
+
+    return new Promise((resolve, reject) => {
+      const options = {
+        hostname: host,
+        port: 443,
+        path: canonicalUri,
+        method: method,
+        headers: {
+          'Host': host,
+          'X-Amz-Content-Sha256': payloadHash,
+          'X-Amz-Date': amzDate,
+          'Authorization': authorization
+        }
+      };
+
+      const req = https.request(options, (res) => {
+        let data = '';
+        res.on('data', chunk => data += chunk);
+        res.on('end', () => {
+          if (res.statusCode === 204 || res.statusCode === 200) {
+            resolve({ success: true });
+          } else {
+            reject(new Error(`R2 删除失败: ${res.statusCode}`));
+          }
+        });
+      });
+
+      req.on('error', reject);
+      req.end();
+    });
+  }
+}
+
+// 导出单例
+const r2Storage = new R2Storage();
+
+module.exports = {
+  R2Storage,
+  r2Storage
+};

server-mysql.js

@@ -0,0 +1,2327 @@
+// server-mysql.js - 使用MySQL数据库的校园圈后端服务器 (Hugging Face Spaces版本)
+require('dotenv').config();
+const express = require('express');
+const cors = require('cors');
+const helmet = require('helmet');
+const multer = require('multer');
+const path = require('path');
+const fs = require('fs');
+const bcrypt = require('bcrypt');
+const jwt = require('jsonwebtoken');
+const { body, validationResult } = require('express-validator');
+const winston = require('winston');
+const { pool, initDatabase } = require('./db-config');
+const { r2Storage } = require('./r2-storage');
+
+// JWT密钥
+const JWT_SECRET = process.env.JWT_SECRET || 'campus-circle-secret-key-2024';
+
+// 服务器端口 - Hugging Face Spaces 使用 7860
+const PORT = process.env.PORT || 7860;
+
+// 创建日志记录器
+const logger = winston.createLogger({
+  level: 'info',
+  format: winston.format.combine(
+    winston.format.timestamp(),
+    winston.format.json()
+  ),
+  transports: [
+    new winston.transports.Console(),
+    new winston.transports.File({ filename: 'server.log' })
+  ]
+});
+
+const app = express();
+
+// 确保uploads目录存在 - 使用Hugging Face Spaces持久化目录
+const uploadsDir = process.env.HF_SPACE ? 
+  path.join('/tmp', 'uploads') :  // Hugging Face Spaces临时目录
+  path.join(__dirname, 'uploads'); // 本地开发目录
+
+if (!fs.existsSync(uploadsDir)) {
+  fs.mkdirSync(uploadsDir, { recursive: true });
+  console.log('📁 创建uploads目录:', uploadsDir);
+}
+
+// 创建静态文件目录（用于持久化存储）
+const staticDir = path.join(__dirname, 'static');
+if (!fs.existsSync(staticDir)) {
+  fs.mkdirSync(staticDir, { recursive: true });
+  console.log('📁 创建static目录:', staticDir);
+}
+
+// 添加调试信息 - 列出现有文件
+try {
+  const files = fs.readdirSync(uploadsDir);
+  console.log('📂 uploads目录现有文件:', files);
+} catch (error) {
+  console.log('📂 无法读取uploads目录:', error.message);
+}
+
+// 配置multer用于文件上传
+const storage = multer.diskStorage({
+  destination: function (req, file, cb) {
+    // 使用/tmp目录，Hugging Face Spaces中有写权限
+    const uploadPath = uploadsDir;
+    
+    // 确保目录存在
+    if (!fs.existsSync(uploadPath)) {
+      try {
+        fs.mkdirSync(uploadPath, { recursive: true });
+        console.log('📁 创建上传目录:', uploadPath);
+      } catch (error) {
+        console.error('❌ 创建上传目录失败:', error);
+      }
+    }
+    
+    cb(null, uploadPath);
+  },
+  filename: function (req, file, cb) {
+    // 生成唯一文件名
+    const uniqueSuffix = Date.now() + '-' + Math.round(Math.random() * 1E9);
+    const ext = path.extname(file.originalname);
+    const filename = file.fieldname + '-' + uniqueSuffix + ext;
+    console.log('📸 生成文件名:', filename);
+    cb(null, filename);
+  }
+});
+
+const upload = multer({ 
+  storage: storage,
+  limits: {
+    fileSize: 2 * 1024 * 1024 // 2MB限制，减少base64大小
+  },
+  fileFilter: function (req, file, cb) {
+    console.log('📸 文件过滤检查:', file.mimetype);
+    // 只允许图片文件
+    if (file.mimetype.startsWith('image/')) {
+      cb(null, true);
+    } else {
+      cb(new Error('只允许上传图片文件'));
+    }
+  }
+});
+
+// 中间件
+app.use(helmet());
+app.use(cors());
+app.use(express.json({ limit: '10mb' }));
+app.use(express.urlencoded({ extended: true, limit: '10mb' }));
+
+// 静态文件服务 - 配置CORS和缓存
+app.use('/uploads', express.static(uploadsDir, {
+  setHeaders: (res, path, stat) => {
+    res.set('Access-Control-Allow-Origin', '*');
+    res.set('Cross-Origin-Resource-Policy', 'cross-origin');
+  }
+}));
+
+app.use('/static', express.static(staticDir, {
+  setHeaders: (res, path, stat) => {
+    res.set('Access-Control-Allow-Origin', '*');
+    res.set('Cross-Origin-Resource-Policy', 'cross-origin');
+  }
+}));
+
+app.use('/images', express.static('images', {
+  setHeaders: (res, path, stat) => {
+    res.set('Access-Control-Allow-Origin', '*');
+    res.set('Cross-Origin-Resource-Policy', 'cross-origin');
+  }
+}));
+
+// JWT验证中间件
+const authenticateToken = (req, res, next) => {
+  const authHeader = req.headers['authorization'];
+  const token = authHeader && authHeader.split(' ')[1];
+
+  if (!token) {
+    return res.status(401).json({ error: '访问令牌缺失' });
+  }
+
+  jwt.verify(token, JWT_SECRET, (err, user) => {
+    if (err) {
+      return res.status(403).json({ error: '令牌无效' });
+    }
+    req.user = user;
+    next();
+  });
+};
+
+// 图片上传接口 - 文件存储方案
+app.post('/api/upload', authenticateToken, upload.single('file'), (req, res) => {
+  try {
+    if (!req.file) {
+      return res.status(400).json({ 
+        success: false, 
+        error: '没有上传文件' 
+      });
+    }
+
+    // 检查文件大小
+    if (req.file.size > 5 * 1024 * 1024) { // 5MB限制
+      // 删除上传的文件
+      if (fs.existsSync(req.file.path)) {
+        fs.unlinkSync(req.file.path);
+      }
+      return res.status(400).json({ 
+        success: false, 
+        error: '图片文件过大，请选择小于5MB的图片' 
+      });
+    }
+
+    // 生成文件URL
+    const fileUrl = `/static/${req.file.filename}`;
+    
+    logger.info(`图片上传成功: ${req.file.originalname}, 大小: ${req.file.size}字节, 路径: ${req.file.path}`);
+    
+    res.json({
+      success: true,
+      message: '文件上传成功',
+      url: fileUrl,
+      filename: req.file.filename,
+      originalname: req.file.originalname,
+      size: req.file.size
+    });
+  } catch (error) {
+    logger.error('文件上传失败:', error);
+    
+    // 清理上传的文件
+    if (req.file && req.file.path && fs.existsSync(req.file.path)) {
+      try {
+        fs.unlinkSync(req.file.path);
+      } catch (cleanupError) {
+        logger.error('清理上传文件失败:', cleanupError);
+      }
+    }
+    
+    res.status(500).json({ 
+      success: false, 
+      error: '文件上传失败: ' + error.message 
+    });
+  }
+});
+
+// 健康检查端点
+app.get('/api/health', (req, res) => {
+  res.status(200).json({ 
+    status: 'ok', 
+    timestamp: new Date().toISOString(),
+    service: 'campusloop-backend',
+    port: PORT,
+    platform: 'Hugging Face Spaces'
+  });
+});
+
+// 获取平台统计数据（注册用户数、动态数、活跃聊天数）
+app.get('/api/stats', async (req, res) => {
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 查询注册用户总数
+      const [usersResult] = await connection.query(
+        'SELECT COUNT(*) as count FROM users'
+      );
+      const totalUsers = usersResult[0].count || 0;
+      
+      // 查询动态总数
+      const [postsResult] = await connection.query(
+        'SELECT COUNT(*) as count FROM posts'
+      );
+      const totalPosts = postsResult[0].count || 0;
+      
+      // 查询活跃聊天数（最近7天有发送消息的用户数）
+      const [chatsResult] = await connection.query(
+        `SELECT COUNT(DISTINCT sender_id) as count FROM chat_messages 
+         WHERE created_at >= DATE_SUB(NOW(), INTERVAL 7 DAY)`
+      );
+      const activeChats = chatsResult[0].count || 0;
+      
+      res.json({
+        success: true,
+        stats: {
+          totalUsers,
+          totalPosts,
+          activeChats
+        }
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    console.error('获取统计数据失败:', error);
+    logger.error('获取统计数据失败:', error);
+    // 返回默认值，避免前端显示错误
+    res.json({
+      success: true,
+      stats: {
+        totalUsers: 0,
+        totalPosts: 0,
+        activeChats: 0
+      }
+    });
+  }
+});
+
+// 根路径
+app.get('/', (req, res) => {
+  res.json({
+    message: '🎓 CampusLoop Backend API',
+    version: '1.0.0',
+    platform: 'Hugging Face Spaces',
+    endpoints: {
+      health: '/api/health',
+      auth: {
+        register: 'POST /api/auth/register',
+        login: 'POST /api/auth/login'
+      },
+      posts: {
+        list: 'GET /api/posts',
+        create: 'POST /api/posts',
+        comments: 'GET /api/posts/:id/comments'
+      },
+      forum: {
+        posts: 'GET /api/forum/posts',
+        create: 'POST /api/forum/posts'
+      },
+      activities: {
+        list: 'GET /api/activities',
+        create: 'POST /api/activities'
+      }
+    }
+  });
+});
+
+// 用户注册接口
+app.post('/api/auth/register', [
+  body('username').isLength({ min: 3 }).withMessage('用户名至少3个字符'),
+  body('email').isEmail().withMessage('请输入有效的邮箱地址'),
+  body('password').isLength({ min: 6 }).withMessage('密码至少6个字符')
+], async (req, res) => {
+  const errors = validationResult(req);
+  if (!errors.isEmpty()) {
+    return res.status(400).json({ errors: errors.array() });
+  }
+
+  const { username, email, password } = req.body;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 检查用户名和邮箱是否已存在
+      const [existingUsers] = await connection.query(
+        'SELECT id FROM users WHERE username = ? OR email = ?',
+        [username, email]
+      );
+
+      if (existingUsers.length > 0) {
+        return res.status(400).json({ error: '用户名或邮箱已存在' });
+      }
+
+      // 加密密码
+      const hashedPassword = await bcrypt.hash(password, 10);
+
+      // 插入新用户（设置默认头像）
+      const [result] = await connection.query(
+        'INSERT INTO users (username, email, password, avatar) VALUES (?, ?, ?, ?)',
+        [username, email, hashedPassword, '/images/default-avatar.svg']
+      );
+
+      const userId = result.insertId;
+      const token = jwt.sign({ userId, username }, JWT_SECRET, { expiresIn: '24h' });
+
+      res.status(201).json({
+        message: '注册成功',
+        token,
+        user: { id: userId, username, email }
+      });
+
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('注册失败:', error);
+    res.status(500).json({ error: '注册失败，请稍后重试' });
+  }
+});
+
+// 用户登录接口
+app.post('/api/auth/login', [
+  body('username').notEmpty().withMessage('用户名不能为空'),
+  body('password').notEmpty().withMessage('密码不能为空')
+], async (req, res) => {
+  const errors = validationResult(req);
+  if (!errors.isEmpty()) {
+    return res.status(400).json({ errors: errors.array() });
+  }
+
+  const { username, password } = req.body;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 尝试查询包含role字段，如果失败则查询不包含role字段
+      let users;
+      try {
+        [users] = await connection.query(
+          'SELECT id, username, email, password, role FROM users WHERE username = ? OR email = ?',
+          [username, username]
+        );
+      } catch (error) {
+        if (error.code === 'ER_BAD_FIELD_ERROR') {
+          // role字段不存在，使用不带role的查询
+          [users] = await connection.query(
+            'SELECT id, username, email, password FROM users WHERE username = ? OR email = ?',
+            [username, username]
+          );
+        } else {
+          throw error;
+        }
+      }
+
+      if (users.length === 0) {
+        return res.status(401).json({ error: '用户名或密码错误' });
+      }
+
+      const user = users[0];
+      const isValidPassword = await bcrypt.compare(password, user.password);
+
+      if (!isValidPassword) {
+        return res.status(401).json({ error: '用户名或密码错误' });
+      }
+
+      const token = jwt.sign(
+        { userId: user.id, username: user.username },
+        JWT_SECRET,
+        { expiresIn: '24h' }
+      );
+
+      res.json({
+        message: '登录成功',
+        token,
+        user: { 
+          id: user.id, 
+          username: user.username, 
+          email: user.email,
+          role: user.role || 'user'
+        }
+      });
+
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('登录失败:', error);
+    res.status(500).json({ error: '登录失败，请稍后重试' });
+  }
+});
+
+// 获取个人资料接口
+app.get('/api/profile', authenticateToken, async (req, res) => {
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 查询用户信息，包含所有字段
+      const [users] = await connection.query(
+        'SELECT id, username, email, avatar, bio, role, phone, major, grade, gender, student_id, created_at FROM users WHERE id = ?',
+        [req.user.userId]
+      );
+
+      if (users.length === 0) {
+        return res.status(404).json({ error: '用户不存在' });
+      }
+
+      const user = users[0];
+      // 不返回密码字段
+      delete user.password;
+      res.json({ success: true, user });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('获取用户信息失败:', error);
+    res.status(500).json({ error: '获取用户信息失败' });
+  }
+});
+
+// 获取主页成绩信息接口
+app.get('/api/grades/home', authenticateToken, async (req, res) => {
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [grades] = await connection.query(
+        'SELECT * FROM grades WHERE user_id = ? ORDER BY created_at DESC LIMIT 5',
+        [req.user.userId]
+      );
+
+      res.json({ grades });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('获取成绩失败:', error);
+    res.status(500).json({ error: '获取成绩失败' });
+  }
+});
+
+// 获取校园地图接口
+app.get('/api/map', (req, res) => {
+  // 返回校园地图数据
+  const mapData = {
+    id: 1,
+    name: '校园地图',
+    imageUrl: '/images/campus-map.jpg',
+    locations: [
+      { id: 1, name: '图书馆', x: 100, y: 150, type: 'library' },
+      { id: 2, name: '教学楼A', x: 200, y: 100, type: 'building' },
+      { id: 3, name: '食堂', x: 150, y: 200, type: 'restaurant' },
+      { id: 4, name: '体育馆', x: 300, y: 180, type: 'gym' }
+    ]
+  };
+  
+  res.json({ map: mapData });
+});
+
+// 获取动态接口
+app.get('/api/posts', async (req, res) => {
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [posts] = await connection.query(`
+        SELECT p.*, u.username, u.avatar 
+        FROM posts p 
+        JOIN users u ON p.user_id = u.id 
+        ORDER BY p.created_at DESC 
+        LIMIT 50
+      `);
+
+      res.json({ success: true, posts });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    console.error('获取动态失败:', error);
+    logger.error('获取动态失败:', error);
+    res.status(500).json({ success: false, error: '获取动态失败' });
+  }
+});
+
+// 发布动态接口（支持图片上传）
+// 优先使用 Cloudflare R2 存储，如未配置则使用 Base64 存数据库
+app.post('/api/posts', authenticateToken, upload.single('image'), async (req, res) => {
+  const { content } = req.body;
+  
+  // 验证：至少要有内容或图片
+  if (!content && !req.file) {
+    return res.status(400).json({ error: '请输入内容或上传图片' });
+  }
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      let imageUrl = null;
+      
+      // 如果有上传图片
+      if (req.file) {
+        const fileBuffer = fs.readFileSync(req.file.path);
+        
+        // 优先使用 R2 存储
+        if (r2Storage.isConfigured()) {
+          try {
+            logger.info('使用 Cloudflare R2 存储图片...');
+            const uploadResult = await r2Storage.uploadFile(
+              fileBuffer,
+              req.file.originalname,
+              req.file.mimetype
+            );
+            imageUrl = uploadResult.url;
+            logger.info(`R2 上传成功: ${imageUrl}`);
+          } catch (r2Error) {
+            logger.error('R2 上传失败，回退到 Base64:', r2Error.message);
+            // R2 失败时回退到 Base64
+            imageUrl = `data:${req.file.mimetype};base64,${fileBuffer.toString('base64')}`;
+          }
+        } else {
+          // 未配置 R2，使用 Base64 存储
+          logger.info('R2 未配置，使用 Base64 存储图片');
+          imageUrl = `data:${req.file.mimetype};base64,${fileBuffer.toString('base64')}`;
+        }
+        
+        // 删除临时文件
+        try {
+          fs.unlinkSync(req.file.path);
+        } catch (unlinkError) {
+          logger.warn('删除临时文件失败:', unlinkError.message);
+        }
+      }
+      
+      const [result] = await connection.query(
+        'INSERT INTO posts (user_id, content, image) VALUES (?, ?, ?)',
+        [req.user.userId, content || '', imageUrl]
+      );
+
+      res.status(201).json({
+        success: true,
+        message: '动态发布成功',
+        postId: result.insertId,
+        imageStorage: r2Storage.isConfigured() ? 'r2' : 'base64'
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    console.error('发布动态失败:', error);
+    logger.error('发布动态失败:', error);
+    res.status(500).json({ error: '发布动态失败' });
+  }
+});
+
+// 编辑动态接口
+app.put('/api/posts/:id', authenticateToken, async (req, res) => {
+  const { id } = req.params;
+  const { content } = req.body;
+
+  if (!content || !content.trim()) {
+    return res.status(400).json({ error: '动态内容不能为空' });
+  }
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 检查动态是否存在以及当前用户是否有权限编辑
+      const [posts] = await connection.execute(
+        'SELECT * FROM posts WHERE id = ? AND user_id = ?',
+        [id, req.user.userId]
+      );
+
+      if (posts.length === 0) {
+        return res.status(404).json({ error: '动态不存在或无权限编辑' });
+      }
+
+      // 执行更新操作
+      await connection.execute(
+        'UPDATE posts SET content = ? WHERE id = ?',
+        [content.trim(), id]
+      );
+
+      res.json({ success: true, message: '动态编辑成功' });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('编辑动态失败:', error);
+    res.status(500).json({ error: '编辑动态失败' });
+  }
+});
+
+// 删除动态接口（支持管理员删除任何动态）
+app.delete('/api/posts/:id', authenticateToken, async (req, res) => {
+  const { id } = req.params;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 先获取当前用户的角色
+      const [users] = await connection.execute(
+        'SELECT role FROM users WHERE id = ?',
+        [req.user.userId]
+      );
+      
+      const isAdmin = users.length > 0 && users[0].role === 'admin';
+      
+      // 检查动态是否存在
+      const [posts] = await connection.execute(
+        'SELECT * FROM posts WHERE id = ?',
+        [id]
+      );
+
+      if (posts.length === 0) {
+        return res.status(404).json({ error: '动态不存在' });
+      }
+
+      // 检查权限：只有动态作者或管理员可以删除
+      if (posts[0].user_id !== req.user.userId && !isAdmin) {
+        return res.status(403).json({ error: '无权限删除此动态' });
+      }
+
+      // 删除动态（会级联删除相关的评论和点赞）
+      await connection.execute('DELETE FROM posts WHERE id = ?', [id]);
+
+      logger.info(`动态删除成功: postId=${id}, 操作者=${req.user.username}, 是否管理员=${isAdmin}`);
+      res.json({ success: true, message: '动态删除成功' });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('删除动态失败:', error);
+    res.status(500).json({ error: '删除动态失败' });
+  }
+});
+
+// 点赞动态接口
+app.post('/api/posts/:id/like', authenticateToken, async (req, res) => {
+  const { id } = req.params;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 检查是否已经点赞
+      const [existingLikes] = await connection.execute(
+        'SELECT * FROM likes WHERE post_id = ? AND user_id = ?',
+        [id, req.user.userId]
+      );
+
+      if (existingLikes.length > 0) {
+        // 取消点赞
+        await connection.execute(
+          'DELETE FROM likes WHERE post_id = ? AND user_id = ?',
+          [id, req.user.userId]
+        );
+
+        res.json({ success: true, message: '取消点赞成功', liked: false });
+      } else {
+        // 添加点赞
+        await connection.execute(
+          'INSERT INTO likes (post_id, user_id) VALUES (?, ?)',
+          [id, req.user.userId]
+        );
+
+        res.json({ success: true, message: '点赞成功', liked: true });
+      }
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('点赞失败:', error);
+    res.status(500).json({ error: '点赞失败' });
+  }
+});
+
+// 获取动态评论接口
+app.get('/api/posts/:id/comments', async (req, res) => {
+  const { id } = req.params;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [comments] = await connection.execute(`
+        SELECT c.*, u.username, u.avatar 
+        FROM comments c 
+        JOIN users u ON c.user_id = u.id 
+        WHERE c.post_id = ? 
+        ORDER BY c.created_at ASC
+      `, [id]);
+
+      res.json({ success: true, comments });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('获取评论失败:', error);
+    res.status(500).json({ error: '获取评论失败' });
+  }
+});
+
+// 发表评论接口
+app.post('/api/posts/:id/comments', authenticateToken, async (req, res) => {
+  const { id } = req.params;
+  const { content } = req.body;
+
+  if (!content || !content.trim()) {
+    return res.status(400).json({ error: '评论内容不能为空' });
+  }
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [result] = await connection.execute(
+        'INSERT INTO comments (post_id, user_id, content) VALUES (?, ?, ?)',
+        [id, req.user.userId, content.trim()]
+      );
+
+      res.json({
+        success: true,
+        comment: {
+          id: result.insertId,
+          post_id: id,
+          user_id: req.user.userId,
+          username: req.user.username,
+          content: content.trim(),
+          created_at: new Date().toISOString()
+        }
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('发表评论失败:', error);
+    res.status(500).json({ error: '发表评论失败' });
+  }
+});
+
+// 删除评论接口
+app.delete('/api/posts/:postId/comments/:commentId', authenticateToken, async (req, res) => {
+  const { postId, commentId } = req.params;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 检查评论是否存在以及是否属于当前用户
+      const [comments] = await connection.execute(
+        'SELECT * FROM comments WHERE id = ? AND post_id = ? AND user_id = ?',
+        [commentId, postId, req.user.userId]
+      );
+
+      if (comments.length === 0) {
+        return res.status(404).json({ error: '评论不存在或无权限删除' });
+      }
+
+      // 删除评论
+      await connection.execute('DELETE FROM comments WHERE id = ?', [commentId]);
+
+      res.json({ success: true, message: '评论删除成功' });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('删除评论失败:', error);
+    res.status(500).json({ error: '删除评论失败' });
+  }
+});
+
+// 获取论坛帖子接口
+app.get('/api/forum/posts', async (req, res) => {
+  const { topic } = req.query;
+  
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      let query = `
+        SELECT fp.*, u.username, u.avatar 
+        FROM forum_posts fp 
+        JOIN users u ON fp.user_id = u.id
+      `;
+      let params = [];
+
+      if (topic) {
+        query += ' WHERE fp.topic = ?';
+        params.push(topic);
+      }
+
+      query += ' ORDER BY fp.created_at DESC LIMIT 50';
+
+      const [posts] = await connection.query(query, params);
+      res.json({ posts });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('获取论坛帖子失败:', error);
+    res.status(500).json({ error: '获取论坛帖子失败' });
+  }
+});
+
+// 获取课程表接口
+app.get('/api/schedule', authenticateToken, async (req, res) => {
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [schedules] = await connection.query(
+        'SELECT * FROM schedules WHERE user_id = ? ORDER BY weekday, start_time',
+        [req.user.userId]
+      );
+
+      res.json({ success: true, schedules });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('获取课程表失败:', error);
+    res.status(500).json({ success: false, error: '获取课程表失败' });
+  }
+});
+
+// 添加课程接口
+app.post('/api/schedule', authenticateToken, [
+  body('course_name').notEmpty().withMessage('课程名称不能为空'),
+  body('teacher').notEmpty().withMessage('教师姓名不能为空'),
+  body('weekday').isInt({ min: 1, max: 7 }).withMessage('星期必须是1-7之间的数字')
+], async (req, res) => {
+  const errors = validationResult(req);
+  if (!errors.isEmpty()) {
+    return res.status(400).json({ errors: errors.array() });
+  }
+
+  const { course_name, teacher, weekday, start_time, end_time, classroom } = req.body;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [result] = await connection.query(
+        'INSERT INTO schedules (user_id, course_name, teacher, weekday, start_time, end_time, classroom) VALUES (?, ?, ?, ?, ?, ?, ?)',
+        [req.user.userId, course_name, teacher, weekday, start_time, end_time, classroom || '']
+      );
+
+      res.status(201).json({
+        message: '课程添加成功',
+        scheduleId: result.insertId
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('添加课程失败:', error);
+    res.status(500).json({ error: '添加课程失败' });
+  }
+});
+
+// 初始化测试课程数据接口
+app.post('/api/schedule/init-test-data', authenticateToken, async (req, res) => {
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 检查是否已有课程
+      const [existing] = await connection.query(
+        'SELECT COUNT(*) as count FROM schedules WHERE user_id = ?',
+        [req.user.userId]
+      );
+      
+      if (existing[0].count > 0) {
+        return res.json({ success: true, message: '已有课程数据，无需初始化', count: existing[0].count });
+      }
+      
+      // 测试课程数据
+      const courses = [
+        { course_name: '高等数学', teacher: '张教授', weekday: 1, start_time: '08:00', end_time: '09:45', classroom: '教学楼A201', week_start: 1, week_end: 16 },
+        { course_name: '大学物理', teacher: '刘教授', weekday: 1, start_time: '10:00', end_time: '11:45', classroom: '理学楼B102', week_start: 1, week_end: 16 },
+        { course_name: '思想政治', teacher: '陈老师', weekday: 1, start_time: '14:00', end_time: '15:45', classroom: '综合楼C301', week_start: 1, week_end: 18 },
+        { course_name: '大学英语', teacher: '李老师', weekday: 2, start_time: '08:00', end_time: '09:45', classroom: '外语楼A305', week_start: 1, week_end: 16 },
+        { course_name: '线性代数', teacher: '王教授', weekday: 2, start_time: '10:00', end_time: '11:45', classroom: '教学楼A203', week_start: 1, week_end: 14 },
+        { course_name: '体育', teacher: '赵老师', weekday: 2, start_time: '14:00', end_time: '15:45', classroom: '体育馆', week_start: 1, week_end: 16 },
+        { course_name: '程序设计', teacher: '孙老师', weekday: 3, start_time: '08:00', end_time: '09:45', classroom: '实验楼C102', week_start: 1, week_end: 16 },
+        { course_name: '高等数学', teacher: '张教授', weekday: 3, start_time: '10:00', end_time: '11:45', classroom: '教学楼A201', week_start: 1, week_end: 16 },
+        { course_name: '数据结构', teacher: '周教授', weekday: 3, start_time: '14:00', end_time: '15:45', classroom: '实验楼C201', week_start: 3, week_end: 18 },
+        { course_name: '大学英语', teacher: '李老师', weekday: 4, start_time: '08:00', end_time: '09:45', classroom: '外语楼A305', week_start: 1, week_end: 16 },
+        { course_name: '物理实验', teacher: '刘教授', weekday: 4, start_time: '14:00', end_time: '15:45', classroom: '物理实验楼', week_start: 2, week_end: 16 },
+        { course_name: '计算机网络', teacher: '吴老师', weekday: 4, start_time: '16:00', end_time: '17:45', classroom: '实验楼C301', week_start: 5, week_end: 18 },
+        { course_name: '程序设计', teacher: '孙老师', weekday: 5, start_time: '08:00', end_time: '09:45', classroom: '实验楼C102', week_start: 1, week_end: 16 },
+        { course_name: '概率统计', teacher: '钱教授', weekday: 5, start_time: '10:00', end_time: '11:45', classroom: '教学楼A302', week_start: 1, week_end: 14 },
+        { course_name: '创新创业', teacher: '郑老师', weekday: 5, start_time: '14:00', end_time: '15:45', classroom: '创业楼D101', week_start: 1, week_end: 10 }
+      ];
+      
+      // 批量插入课程
+      for (const course of courses) {
+        await connection.query(
+          'INSERT INTO schedules (user_id, course_name, teacher, weekday, start_time, end_time, classroom, week_start, week_end, week_type) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)',
+          [req.user.userId, course.course_name, course.teacher, course.weekday, course.start_time, course.end_time, course.classroom, course.week_start, course.week_end, 'all']
+        );
+      }
+      
+      res.json({ success: true, message: '测试课程数据初始化成功', count: courses.length });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('初始化测试课程失败:', error);
+    res.status(500).json({ error: '初始化测试课程失败' });
+  }
+});
+
+// 获取失物招领接口
+app.get('/api/lostfound', async (req, res) => {
+  const { category, status } = req.query;
+  
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      let query = `
+        SELECT lf.*, u.username 
+        FROM lost_found lf 
+        JOIN users u ON lf.user_id = u.id
+      `;
+      let conditions = [];
+      let params = [];
+
+      if (category) {
+        conditions.push('lf.category = ?');
+        params.push(category);
+      }
+
+      if (status) {
+        conditions.push('lf.status = ?');
+        params.push(status);
+      }
+
+      if (conditions.length > 0) {
+        query += ' WHERE ' + conditions.join(' AND ');
+      }
+
+      query += ' ORDER BY lf.created_at DESC LIMIT 50';
+
+      const [items] = await connection.query(query, params);
+      res.json({ items });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('获取失物招领失败:', error);
+    res.status(500).json({ error: '获取失物招领失败' });
+  }
+});
+
+// 发布失物招领接口
+app.post('/api/lostfound', authenticateToken, [
+  body('title').notEmpty().withMessage('标题不能为空'),
+  body('description').notEmpty().withMessage('描述不能为空'),
+  body('category').notEmpty().withMessage('分类不能为空')
+], async (req, res) => {
+  const errors = validationResult(req);
+  if (!errors.isEmpty()) {
+    return res.status(400).json({ errors: errors.array() });
+  }
+
+  const { title, description, category, contact, images } = req.body;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const imagesJson = images && images.length > 0 ? JSON.stringify(images) : null;
+      
+      // 先尝试包含images字段的插入
+      let result;
+      try {
+        [result] = await connection.query(
+          'INSERT INTO lost_found (user_id, title, description, category, contact, images) VALUES (?, ?, ?, ?, ?, ?)',
+          [req.user.userId, title, description, category, contact || '', imagesJson]
+        );
+      } catch (insertError) {
+        if (insertError.code === 'ER_BAD_FIELD_ERROR') {
+          // images字段不存在，使用不包含images的插入
+          console.log('images字段不存在，使用兼容模式插入');
+          [result] = await connection.query(
+            'INSERT INTO lost_found (user_id, title, description, category, contact) VALUES (?, ?, ?, ?, ?)',
+            [req.user.userId, title, description, category, contact || '']
+          );
+        } else {
+          throw insertError;
+        }
+      }
+
+      res.status(201).json({
+        message: '失物招领发布成功',
+        itemId: result.insertId
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('发布失物招领失败:', error);
+    res.status(500).json({ error: '发布失物招领失败' });
+  }
+});
+
+// 获取成绩接口
+app.get('/api/grades', authenticateToken, async (req, res) => {
+  const { semester } = req.query;
+  
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      let query = 'SELECT * FROM grades WHERE user_id = ?';
+      let params = [req.user.userId];
+
+      if (semester) {
+        query += ' AND semester = ?';
+        params.push(semester);
+      }
+
+      query += ' ORDER BY created_at DESC';
+
+      const [grades] = await connection.query(query, params);
+      res.json({ grades });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('获取成绩失败:', error);
+    res.status(500).json({ error: '获取成绩失败' });
+  }
+});
+
+// 添加成绩接口
+app.post('/api/grades', authenticateToken, [
+  body('course_name').notEmpty().withMessage('课程名称不能为空'),
+  body('score').isFloat({ min: 0, max: 100 }).withMessage('成绩必须是0-100之间的数字'),
+  body('semester').notEmpty().withMessage('学期不能为空')
+], async (req, res) => {
+  const errors = validationResult(req);
+  if (!errors.isEmpty()) {
+    return res.status(400).json({ errors: errors.array() });
+  }
+
+  const { course_name, score, semester, credit } = req.body;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [result] = await connection.query(
+        'INSERT INTO grades (user_id, course_name, score, semester, credit) VALUES (?, ?, ?, ?, ?)',
+        [req.user.userId, course_name, score, semester, credit || 3]
+      );
+
+      res.status(201).json({
+        message: '成绩添加成功',
+        gradeId: result.insertId
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('添加成绩失败:', error);
+    res.status(500).json({ error: '添加成绩失败' });
+  }
+});
+
+// 获取通知接口
+app.get('/api/notifications', authenticateToken, async (req, res) => {
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [notifications] = await connection.query(
+        'SELECT * FROM notifications WHERE user_id = ? ORDER BY created_at DESC LIMIT 50',
+        [req.user.userId]
+      );
+
+      res.json({ notifications });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('获取通知失败:', error);
+    res.status(500).json({ error: '获取通知失败' });
+  }
+});
+
+// 标记通知为已读接口
+app.put('/api/notifications/:id', authenticateToken, async (req, res) => {
+  const { id } = req.params;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      await connection.query(
+        'UPDATE notifications SET read_status = 1 WHERE id = ? AND user_id = ?',
+        [id, req.user.userId]
+      );
+
+      res.json({ success: true, message: '通知标记为已读' });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('标记通知为已读失败:', error);
+    res.status(500).json({ error: '标记通知为已读失败' });
+  }
+});
+
+// 获取活动接口
+app.get('/api/activities', async (req, res) => {
+  // 从请求头获取用户信息（可选）
+  const authHeader = req.headers['authorization'];
+  const token = authHeader && authHeader.split(' ')[1];
+  let userId = null;
+
+  if (token) {
+    try {
+      const decoded = jwt.verify(token, JWT_SECRET);
+      userId = decoded.userId;
+    } catch (error) {
+      // 忽略token错误，继续执行
+    }
+  }
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [activities] = await connection.query(`
+        SELECT a.*, u.username as organizer_name,
+               CASE WHEN ap.user_id IS NOT NULL THEN 1 ELSE 0 END as is_registered
+        FROM activities a 
+        JOIN users u ON a.organizer_id = u.id 
+        LEFT JOIN activity_participants ap ON a.id = ap.activity_id AND ap.user_id = ?
+        WHERE a.status = 'active'
+        ORDER BY a.start_time ASC 
+        LIMIT 50
+      `, [userId]);
+
+      res.json({ success: true, activities });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('获取活动失败:', error);
+    res.status(500).json({ error: '获取活动失败' });
+  }
+});
+
+// 报名活动接口
+app.post('/api/activities/:id/register', authenticateToken, async (req, res) => {
+  const activityId = req.params.id;
+  const userId = req.user.userId;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 检查是否已经报名
+      const [existing] = await connection.query(
+        'SELECT * FROM activity_participants WHERE activity_id = ? AND user_id = ?',
+        [activityId, userId]
+      );
+
+      if (existing.length > 0) {
+        return res.status(400).json({ error: '您已经报名了这个活动' });
+      }
+
+      // 添加报名记录
+      await connection.query(
+        'INSERT INTO activity_participants (activity_id, user_id) VALUES (?, ?)',
+        [activityId, userId]
+      );
+
+      // 更新活动参与人数
+      await connection.query(
+        'UPDATE activities SET participants = participants + 1 WHERE id = ?',
+        [activityId]
+      );
+
+      res.json({ success: true, message: '报名成功' });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('报名活动失败:', error);
+    res.status(500).json({ error: '报名失败' });
+  }
+});
+
+// 取消报名活动接口
+app.post('/api/activities/:id/cancel', authenticateToken, async (req, res) => {
+  const activityId = req.params.id;
+  const userId = req.user.userId;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 检查是否已经报名
+      const [existing] = await connection.query(
+        'SELECT * FROM activity_participants WHERE activity_id = ? AND user_id = ?',
+        [activityId, userId]
+      );
+
+      if (existing.length === 0) {
+        return res.status(400).json({ error: '您尚未报名此活动' });
+      }
+
+      // 删除报名记录
+      await connection.query(
+        'DELETE FROM activity_participants WHERE activity_id = ? AND user_id = ?',
+        [activityId, userId]
+      );
+
+      // 更新活动参与人数
+      await connection.query(
+        'UPDATE activities SET participants = GREATEST(0, participants - 1) WHERE id = ?',
+        [activityId]
+      );
+
+      res.json({ success: true, message: '取消报名成功' });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('取消报名失败:', error);
+    res.status(500).json({ error: '取消报名失败' });
+  }
+});
+
+// 获取单个活动详情接口
+app.get('/api/activities/:id', async (req, res) => {
+  const activityId = req.params.id;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [activities] = await connection.query(`
+        SELECT a.*, u.username as organizer_name
+        FROM activities a 
+        JOIN users u ON a.organizer_id = u.id 
+        WHERE a.id = ?
+      `, [activityId]);
+
+      if (activities.length === 0) {
+        return res.status(404).json({ error: '活动不存在' });
+      }
+
+      res.json({ success: true, activity: activities[0] });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('获取活动详情失败:', error);
+    res.status(500).json({ error: '获取活动详情失败' });
+  }
+});
+
+// 更新活动接口
+app.put('/api/activities/:id', authenticateToken, [
+  body('title').notEmpty().withMessage('活动标题不能为空'),
+  body('description').notEmpty().withMessage('活动描述不能为空'),
+  body('location').notEmpty().withMessage('活动地点不能为空'),
+  body('start_time').notEmpty().withMessage('开始时间不能为空'),
+  body('end_time').notEmpty().withMessage('结束时间不能为空')
+], async (req, res) => {
+  const errors = validationResult(req);
+  if (!errors.isEmpty()) {
+    return res.status(400).json({ errors: errors.array() });
+  }
+
+  const activityId = req.params.id;
+  const userId = req.user.userId;
+  const { title, description, location, start_time, end_time } = req.body;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      console.log('更新活动请求:', { activityId, userId, title, description, location, start_time, end_time });
+      
+      // 检查用户是否为管理员或活动创建者
+      const [activity] = await connection.query(
+        'SELECT organizer_id FROM activities WHERE id = ?',
+        [activityId]
+      );
+
+      if (activity.length === 0) {
+        console.log('活动不存在:', activityId);
+        return res.status(404).json({ error: '活动不存在' });
+      }
+
+      // 检查用户权限
+      const [user] = await connection.query(
+        'SELECT role FROM users WHERE id = ?',
+        [userId]
+      );
+
+      const isAdmin = user.length > 0 && user[0].role === 'admin';
+      const isOrganizer = activity[0].organizer_id === userId;
+
+      console.log('权限检查:', { isAdmin, isOrganizer, userId, organizerId: activity[0].organizer_id });
+
+      if (!isAdmin && !isOrganizer) {
+        return res.status(403).json({ error: '您没有权限编辑此活动' });
+      }
+
+      // 更新活动
+      const [result] = await connection.query(
+        'UPDATE activities SET title = ?, description = ?, location = ?, start_time = ?, end_time = ? WHERE id = ?',
+        [title, description, location, start_time, end_time, activityId]
+      );
+
+      console.log('更新结果:', result);
+
+      res.json({ success: true, message: '活动更新成功' });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    console.error('更新活动失败详细错误:', error);
+    logger.error('更新活动失败:', error);
+    res.status(500).json({ error: '更新活动失败', details: error.message });
+  }
+});
+
+// 删除活动接口
+app.delete('/api/activities/:id', authenticateToken, async (req, res) => {
+  const activityId = req.params.id;
+  const userId = req.user.userId;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 检查用户是否为管理员或活动创建者
+      const [activity] = await connection.query(
+        'SELECT organizer_id FROM activities WHERE id = ?',
+        [activityId]
+      );
+
+      if (activity.length === 0) {
+        return res.status(404).json({ error: '活动不存在' });
+      }
+
+      // 检查用户权限
+      const [user] = await connection.query(
+        'SELECT role FROM users WHERE id = ?',
+        [userId]
+      );
+
+      const isAdmin = user.length > 0 && user[0].role === 'admin';
+      const isOrganizer = activity[0].organizer_id === userId;
+
+      if (!isAdmin && !isOrganizer) {
+        return res.status(403).json({ error: '您没有权限删除此活动' });
+      }
+
+      // 删除活动（会自动删除相关的参与记录，因为有外键约束）
+      await connection.query('DELETE FROM activities WHERE id = ?', [activityId]);
+
+      res.json({ success: true, message: '活动删除成功' });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('删除活动失败:', error);
+    res.status(500).json({ error: '删除活动失败' });
+  }
+});
+
+// 创建活动接口
+app.post('/api/activities', authenticateToken, [
+  body('title').notEmpty().withMessage('活动标题不能为空'),
+  body('description').notEmpty().withMessage('活动描述不能为空'),
+  body('location').notEmpty().withMessage('活动地点不能为空'),
+  body('start_time').notEmpty().withMessage('开始时间不能为空'),
+  body('end_time').notEmpty().withMessage('结束时间不能为空')
+], async (req, res) => {
+  const errors = validationResult(req);
+  if (!errors.isEmpty()) {
+    return res.status(400).json({ errors: errors.array() });
+  }
+
+  const { title, description, location, start_time, end_time } = req.body;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [result] = await connection.query(
+        'INSERT INTO activities (title, description, location, start_time, end_time, organizer_id) VALUES (?, ?, ?, ?, ?, ?)',
+        [title, description, location, start_time, end_time, req.user.userId]
+      );
+
+      res.status(201).json({
+        success: true,
+        message: '活动创建成功',
+        activityId: result.insertId
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('创建活动失败:', error);
+    res.status(500).json({ error: '创建活动失败' });
+  }
+});
+
+// ============ 好友相关接口 ============
+
+// 获取好友列表
+app.get('/api/friends', authenticateToken, async (req, res) => {
+  const userId = req.user.userId;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 查询好友列表（双向好友关系）
+      const [friends] = await connection.query(`
+        SELECT DISTINCT u.id, u.username, u.avatar, u.student_id
+        FROM users u
+        INNER JOIN (
+          SELECT friend_id as user_id FROM friendships WHERE user_id = ? AND status = 'accepted'
+          UNION
+          SELECT user_id FROM friendships WHERE friend_id = ? AND status = 'accepted'
+        ) f ON u.id = f.user_id
+        ORDER BY u.username
+      `, [userId, userId]);
+
+      res.json({ 
+        success: true, 
+        friends: friends || [] 
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    console.error('获取好友列表失败:', error);
+    logger.error('获取好友列表失败:', error);
+    res.status(500).json({ error: '获取好友列表失败' });
+  }
+});
+
+// 搜索用户
+app.get('/api/users/search', authenticateToken, async (req, res) => {
+  const { keyword } = req.query;
+  const currentUserId = req.user.userId;
+
+  if (!keyword || keyword.trim() === '') {
+    return res.json({ success: true, users: [] });
+  }
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 搜索用户（排除自己）
+      const [users] = await connection.query(`
+        SELECT id, username, avatar, student_id
+        FROM users
+        WHERE (username LIKE ? OR student_id LIKE ?) AND id != ?
+        LIMIT 20
+      `, [`%${keyword}%`, `%${keyword}%`, currentUserId]);
+
+      // 检查每个用户是否已是好友
+      const usersWithFriendStatus = await Promise.all(users.map(async (user) => {
+        const [friendship] = await connection.query(`
+          SELECT status FROM friendships 
+          WHERE (user_id = ? AND friend_id = ?) OR (user_id = ? AND friend_id = ?)
+        `, [currentUserId, user.id, user.id, currentUserId]);
+
+        return {
+          ...user,
+          isFriend: friendship.length > 0 && friendship[0].status === 'accepted',
+          friendshipStatus: friendship.length > 0 ? friendship[0].status : null
+        };
+      }));
+
+      res.json({ 
+        success: true, 
+        users: usersWithFriendStatus 
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    console.error('搜索用户失败:', error);
+    logger.error('搜索用户失败:', error);
+    res.status(500).json({ error: '搜索用户失败' });
+  }
+});
+
+// ============ 用户资料相关接口 ============
+
+// 上传头像
+// 优先使用 Cloudflare R2 存储，如未配置则使用 Base64 存数据库
+app.post('/api/profile/avatar', authenticateToken, upload.single('avatar'), async (req, res) => {
+  try {
+    console.log('📸 收到头像上传请求');
+    console.log('📸 用户ID:', req.user.userId);
+    console.log('📸 文件信息:', req.file);
+    
+    if (!req.file) {
+      console.error('❌ 没有收到文件');
+      return res.status(400).json({ error: '请选择头像文件' });
+    }
+
+    const userId = req.user.userId;
+    
+    console.log('📸 文件路径:', req.file.path);
+    console.log('📸 文件大小:', req.file.size);
+    
+    // 检查文件是否存在
+    if (!fs.existsSync(req.file.path)) {
+      console.error('❌ 文件不存在:', req.file.path);
+      return res.status(500).json({ error: '文件上传失败，请重试' });
+    }
+    
+    // 读取文件
+    const fileBuffer = fs.readFileSync(req.file.path);
+    let avatarUrl = null;
+    let storageType = 'base64';
+    
+    // 优先使用 R2 存储
+    if (r2Storage.isConfigured()) {
+      try {
+        console.log('📸 使用 Cloudflare R2 存储头像...');
+        
+        // 获取文件扩展名
+        const ext = req.file.originalname.split('.').pop() || 'jpg';
+        
+        // 使用固定路径：avatars/用户ID/avatar.扩展名
+        // 每个用户有独立文件夹，每次上传覆盖同一文件
+        const customKey = `avatars/user-${userId}/avatar.${ext}`;
+        
+        const uploadResult = await r2Storage.uploadFile(
+          fileBuffer,
+          req.file.originalname,
+          req.file.mimetype,
+          { customKey: customKey }
+        );
+        
+        // 添加时间戳参数避免浏览器缓存
+        avatarUrl = `${uploadResult.url}?t=${Date.now()}`;
+        storageType = 'r2';
+        console.log('📸 R2 上传成功:', avatarUrl);
+        console.log('📸 存储路径:', customKey);
+      } catch (r2Error) {
+        console.error('📸 R2 上传失败，回退到 Base64:', r2Error.message);
+        // R2 失败时回退到 Base64
+        avatarUrl = `data:${req.file.mimetype};base64,${fileBuffer.toString('base64')}`;
+      }
+    } else {
+      // 未配置 R2，使用 Base64 存储
+      console.log('📸 R2 未配置，使用 Base64 存储头像');
+      avatarUrl = `data:${req.file.mimetype};base64,${fileBuffer.toString('base64')}`;
+    }
+    
+    console.log('📸 头像URL长度:', avatarUrl.length);
+    console.log('📸 存储类型:', storageType);
+    
+    // 删除临时文件
+    try {
+      fs.unlinkSync(req.file.path);
+      console.log('📸 临时文件已删除');
+    } catch (unlinkError) {
+      console.error('⚠️  删除临时文件失败:', unlinkError.message);
+    }
+
+    const connection = await pool.getConnection();
+    
+    try {
+      // 更新用户头像
+      await connection.query(
+        'UPDATE users SET avatar = ? WHERE id = ?',
+        [avatarUrl, userId]
+      );
+
+      console.log('✅ 头像上传成功');
+      
+      res.json({ 
+        success: true, 
+        avatarUrl: avatarUrl,
+        storageType: storageType,
+        message: '头像上传成功' 
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    console.error('❌ 上传头像失败:', error);
+    console.error('❌ 错误堆栈:', error.stack);
+    logger.error('上传头像失败:', error);
+    res.status(500).json({ 
+      error: '上传头像失败',
+      message: error.message 
+    });
+  }
+});
+
+// 更新用户资料
+app.put('/api/profile', authenticateToken, async (req, res) => {
+  const userId = req.user.userId;
+  const { username, email, bio, phone, major, grade, gender, avatar } = req.body;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 构建更新字段
+      const updates = [];
+      const values = [];
+
+      if (username !== undefined) {
+        updates.push('username = ?');
+        values.push(username);
+      }
+      if (email !== undefined) {
+        updates.push('email = ?');
+        values.push(email);
+      }
+      if (bio !== undefined) {
+        updates.push('bio = ?');
+        values.push(bio);
+      }
+      if (phone !== undefined) {
+        updates.push('phone = ?');
+        values.push(phone);
+      }
+      if (major !== undefined) {
+        updates.push('major = ?');
+        values.push(major);
+      }
+      if (grade !== undefined) {
+        updates.push('grade = ?');
+        values.push(grade);
+      }
+      if (gender !== undefined) {
+        updates.push('gender = ?');
+        values.push(gender);
+      }
+      if (avatar !== undefined) {
+        updates.push('avatar = ?');
+        values.push(avatar);
+      }
+
+      if (updates.length === 0) {
+        return res.status(400).json({ error: '没有要更新的字段' });
+      }
+
+      values.push(userId);
+
+      await connection.query(
+        `UPDATE users SET ${updates.join(', ')} WHERE id = ?`,
+        values
+      );
+
+      res.json({ 
+        success: true, 
+        message: '资料更新成功' 
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    console.error('更新资料失败:', error);
+    logger.error('更新资料失败:', error);
+    res.status(500).json({ error: '更新资料失败' });
+  }
+});
+
+// 添加好友
+app.post('/api/friends', authenticateToken, async (req, res) => {
+  const userId = req.user.userId;
+  const { friendId } = req.body;
+
+  if (!friendId) {
+    return res.status(400).json({ error: '好友ID不能为空' });
+  }
+
+  if (userId === friendId) {
+    return res.status(400).json({ error: '不能添加自己为好友' });
+  }
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 检查是否已经是好友
+      const [existing] = await connection.query(`
+        SELECT * FROM friendships 
+        WHERE (user_id = ? AND friend_id = ?) OR (user_id = ? AND friend_id = ?)
+      `, [userId, friendId, friendId, userId]);
+
+      if (existing.length > 0) {
+        return res.status(400).json({ error: '已经是好友或已发送好友请求' });
+      }
+
+      // 添加好友关系（直接设为accepted，简化流程）
+      await connection.query(
+        'INSERT INTO friendships (user_id, friend_id, status) VALUES (?, ?, ?)',
+        [userId, friendId, 'accepted']
+      );
+
+      res.json({ 
+        success: true, 
+        message: '添加好友成功' 
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    console.error('添加好友失败:', error);
+    logger.error('添加好友失败:', error);
+    res.status(500).json({ error: '添加好友失败' });
+  }
+});
+
+// ============ 聊天相关接口 ============
+
+// 获取聊天消息
+app.get('/api/chat/:friendId', authenticateToken, async (req, res) => {
+  const userId = req.user.userId;
+  const friendId = req.params.friendId;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 获取聊天消息
+      const [messages] = await connection.query(`
+        SELECT m.*, u.username, u.avatar
+        FROM chat_messages m
+        JOIN users u ON m.sender_id = u.id
+        WHERE (m.sender_id = ? AND m.receiver_id = ?) 
+           OR (m.sender_id = ? AND m.receiver_id = ?)
+        ORDER BY m.created_at ASC
+        LIMIT 100
+      `, [userId, friendId, friendId, userId]);
+
+      res.json({ 
+        success: true, 
+        messages: messages || [] 
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    console.error('获取聊天消息失败:', error);
+    logger.error('获取聊天消息失败:', error);
+    res.status(500).json({ error: '获取聊天消息失败' });
+  }
+});
+
+// 发送聊天消息
+app.post('/api/chat', authenticateToken, async (req, res) => {
+  const senderId = req.user.userId;
+  const { receiverId, content, type = 'text' } = req.body;
+
+  if (!receiverId || !content) {
+    return res.status(400).json({ error: '接收者ID和消息内容不能为空' });
+  }
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 插入消息
+      const [result] = await connection.query(
+        'INSERT INTO chat_messages (sender_id, receiver_id, content, type) VALUES (?, ?, ?, ?)',
+        [senderId, receiverId, content, type]
+      );
+
+      // 获取刚插入的消息
+      const [messages] = await connection.query(`
+        SELECT m.*, u.username, u.avatar
+        FROM chat_messages m
+        JOIN users u ON m.sender_id = u.id
+        WHERE m.id = ?
+      `, [result.insertId]);
+
+      res.json({ 
+        success: true, 
+        message: messages[0] 
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    console.error('发送消息失败:', error);
+    logger.error('发送消息失败:', error);
+    res.status(500).json({ error: '发送消息失败' });
+  }
+});
+
+// ============ 兼容性路由 ============
+// 失物招领兼容性路由 (前端调用的是 /api/lost-found)
+app.get('/api/lost-found', async (req, res) => {
+  const { category, status } = req.query;
+  
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      let query = `
+        SELECT lf.*, u.username 
+        FROM lost_found lf 
+        JOIN users u ON lf.user_id = u.id
+      `;
+      let conditions = [];
+      let params = [];
+
+      if (category) {
+        conditions.push('lf.category = ?');
+        params.push(category);
+      }
+
+      if (status) {
+        conditions.push('lf.status = ?');
+        params.push(status);
+      }
+
+      if (conditions.length > 0) {
+        query += ' WHERE ' + conditions.join(' AND ');
+      }
+
+      query += ' ORDER BY lf.created_at DESC LIMIT 50';
+
+      const [items] = await connection.query(query, params);
+      res.json({ items });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('获取失物招领失败:', error);
+    res.status(500).json({ error: '获取失物招领失败' });
+  }
+});
+
+app.post('/api/lost-found', authenticateToken, [
+  body('title').notEmpty().withMessage('标题不能为空'),
+  body('description').notEmpty().withMessage('描述不能为空'),
+  body('category').notEmpty().withMessage('分类不能为空')
+], async (req, res) => {
+  const errors = validationResult(req);
+  if (!errors.isEmpty()) {
+    return res.status(400).json({ errors: errors.array() });
+  }
+
+  const { title, description, category, contact, images } = req.body;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const imagesJson = images && images.length > 0 ? JSON.stringify(images) : null;
+      
+      // 先尝试包含images字段的插入
+      let result;
+      try {
+        [result] = await connection.query(
+          'INSERT INTO lost_found (user_id, title, description, category, contact, images) VALUES (?, ?, ?, ?, ?, ?)',
+          [req.user.userId, title, description, category, contact || '', imagesJson]
+        );
+      } catch (insertError) {
+        if (insertError.code === 'ER_BAD_FIELD_ERROR') {
+          // images字段不存在，使用不包含images的插入
+          console.log('images字段不存在，使用兼容模式插入');
+          [result] = await connection.query(
+            'INSERT INTO lost_found (user_id, title, description, category, contact) VALUES (?, ?, ?, ?, ?)',
+            [req.user.userId, title, description, category, contact || '']
+          );
+        } else {
+          throw insertError;
+        }
+      }
+
+      res.status(201).json({
+        message: '失物招领发布成功',
+        itemId: result.insertId
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('发布失物招领失败:', error);
+    res.status(500).json({ error: '发布失物招领失败' });
+  }
+});
+
+// 获取失物招领详情接口
+app.get('/api/lost-found/:id', async (req, res) => {
+  const { id } = req.params;
+  
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [items] = await connection.query(`
+        SELECT lf.*, u.username 
+        FROM lost_found lf 
+        JOIN users u ON lf.user_id = u.id 
+        WHERE lf.id = ?
+      `, [id]);
+
+      if (items.length === 0) {
+        return res.status(404).json({ error: '失物招领信息不存在' });
+      }
+
+      res.json({ item: items[0] });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('获取失物招领详情失败:', error);
+    res.status(500).json({ error: '获取失物招领详情失败' });
+  }
+});
+
+// 更新失物招领状态接口
+app.put('/api/lost-found/:id/status', authenticateToken, async (req, res) => {
+  const { id } = req.params;
+  const { status } = req.body;
+  
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [result] = await connection.query(
+        'UPDATE lost_found SET status = ? WHERE id = ?',
+        [status, id]
+      );
+
+      if (result.affectedRows === 0) {
+        return res.status(404).json({ error: '失物招领信息不存在' });
+      }
+
+      res.json({ success: true, message: '状态更新成功' });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('更新失物招领状态失败:', error);
+    res.status(500).json({ error: '更新失物招领状态失败' });
+  }
+});
+
+// 编辑失物招领接口
+app.put('/api/lost-found/:id', authenticateToken, [
+  body('title').notEmpty().withMessage('标题不能为空'),
+  body('description').notEmpty().withMessage('描述不能为空'),
+  body('category').notEmpty().withMessage('分类不能为空')
+], async (req, res) => {
+  const errors = validationResult(req);
+  if (!errors.isEmpty()) {
+    return res.status(400).json({ errors: errors.array() });
+  }
+
+  const { id } = req.params;
+  const { title, description, category, contact, images } = req.body;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const imagesJson = images && images.length > 0 ? JSON.stringify(images) : null;
+      
+      // 先尝试包含images字段的更新
+      let result;
+      try {
+        [result] = await connection.query(
+          'UPDATE lost_found SET title = ?, description = ?, category = ?, contact = ?, images = ? WHERE id = ? AND user_id = ?',
+          [title, description, category, contact || '', imagesJson, id, req.user.userId]
+        );
+      } catch (updateError) {
+        if (updateError.code === 'ER_BAD_FIELD_ERROR') {
+          // images字段不存在，使用不包含images的更新
+          console.log('images字段不存在，使用兼容模式更新');
+          [result] = await connection.query(
+            'UPDATE lost_found SET title = ?, description = ?, category = ?, contact = ? WHERE id = ? AND user_id = ?',
+            [title, description, category, contact || '', id, req.user.userId]
+          );
+        } else {
+          throw updateError;
+        }
+      }
+
+      if (result.affectedRows === 0) {
+        return res.status(404).json({ error: '失物招领信息不存在或无权限编辑' });
+      }
+
+      res.json({ success: true, message: '编辑成功' });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('编辑失物招领失败:', error);
+    res.status(500).json({ error: '编辑失物招领失败' });
+  }
+});
+
+// 删除失物招领接口
+app.delete('/api/lost-found/:id', authenticateToken, async (req, res) => {
+  const { id } = req.params;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [result] = await connection.query(
+        'DELETE FROM lost_found WHERE id = ? AND user_id = ?',
+        [id, req.user.userId]
+      );
+
+      if (result.affectedRows === 0) {
+        return res.status(404).json({ error: '失物招领信息不存在或无权限删除' });
+      }
+
+      res.json({ success: true, message: '删除成功' });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('删除失物招领失败:', error);
+    res.status(500).json({ error: '删除失物招领失败' });
+  }
+});
+
+// 失物招领点赞接口
+app.post('/api/lost-found/:id/like', authenticateToken, async (req, res) => {
+  const { id } = req.params;
+
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      // 检查是否已经点赞
+      const [existingLikes] = await connection.query(
+        'SELECT id FROM lost_found_likes WHERE item_id = ? AND user_id = ?',
+        [id, req.user.userId]
+      );
+
+      if (existingLikes.length > 0) {
+        // 已经点赞，取消点赞
+        await connection.query(
+          'DELETE FROM lost_found_likes WHERE item_id = ? AND user_id = ?',
+          [id, req.user.userId]
+        );
+        
+        await connection.query(
+          'UPDATE lost_found SET likes = likes - 1 WHERE id = ?',
+          [id]
+        );
+        
+        res.json({ success: true, message: '取消点赞成功', liked: false });
+      } else {
+        // 未点赞，添加点赞
+        await connection.query(
+          'INSERT INTO lost_found_likes (item_id, user_id) VALUES (?, ?)',
+          [id, req.user.userId]
+        );
+        
+        await connection.query(
+          'UPDATE lost_found SET likes = likes + 1 WHERE id = ?',
+          [id]
+        );
+        
+        res.json({ success: true, message: '点赞成功', liked: true });
+      }
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    logger.error('失物招领点赞失败:', error);
+    res.status(500).json({ error: '操作失败' });
+  }
+});
+
+// 调试接口 - 检查文件是否存在
+app.get('/api/debug/files', (req, res) => {
+  try {
+    // 检查uploads目录
+    const uploadsFiles = fs.existsSync(uploadsDir) ? fs.readdirSync(uploadsDir) : [];
+    const uploadsDetails = uploadsFiles.map(filename => {
+      const filePath = path.join(uploadsDir, filename);
+      const stats = fs.statSync(filePath);
+      return {
+        filename,
+        size: stats.size,
+        created: stats.birthtime,
+        modified: stats.mtime,
+        path: filePath
+      };
+    });
+
+    // 检查static目录
+    const staticFiles = fs.existsSync(staticDir) ? fs.readdirSync(staticDir) : [];
+    const staticDetails = staticFiles.map(filename => {
+      const filePath = path.join(staticDir, filename);
+      const stats = fs.statSync(filePath);
+      return {
+        filename,
+        size: stats.size,
+        created: stats.birthtime,
+        modified: stats.mtime,
+        path: filePath
+      };
+    });
+    
+    res.json({
+      uploadsDir,
+      staticDir,
+      uploads: {
+        totalFiles: uploadsFiles.length,
+        files: uploadsDetails
+      },
+      static: {
+        totalFiles: staticFiles.length,
+        files: staticDetails
+      }
+    });
+  } catch (error) {
+    res.status(500).json({ error: error.message });
+  }
+});
+
+// 调试接口 - 查看用户数据
+app.get('/api/debug/users', async (req, res) => {
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [users] = await connection.query('SELECT id, username, email, role, created_at FROM users');
+      res.json({ 
+        users: users.map(user => ({
+          id: user.id,
+          username: user.username,
+          email: user.email,
+          role: user.role,
+          created_at: user.created_at
+        })),
+        count: users.length,
+        message: '调试信息 - 用户列表'
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    res.status(500).json({ error: error.message, message: '查询用户数据失败' });
+  }
+});
+
+// 调试接口 - 测试管理员登录
+app.post('/api/debug/test-admin', async (req, res) => {
+  try {
+    const connection = await pool.getConnection();
+    
+    try {
+      const [users] = await connection.query(
+        'SELECT id, username, email, password, role FROM users WHERE username = ? OR email = ?',
+        ['admin', 'admin']
+      );
+
+      if (users.length === 0) {
+        return res.json({ 
+          success: false, 
+          message: '管理员用户不存在',
+          query: 'SELECT * FROM users WHERE username = admin OR email = admin'
+        });
+      }
+
+      const user = users[0];
+      const bcrypt = require('bcrypt');
+      const isValidPassword = await bcrypt.compare('admin', user.password);
+
+      res.json({
+        success: isValidPassword,
+        message: isValidPassword ? '密码验证成功' : '密码验证失败',
+        user: {
+          id: user.id,
+          username: user.username,
+          email: user.email,
+          role: user.role,
+          passwordHash: user.password.substring(0, 20) + '...'
+        }
+      });
+    } finally {
+      connection.release();
+    }
+  } catch (error) {
+    res.status(500).json({ error: error.message, message: '测试管理员登录失败' });
+  }
+});
+
+// Multer错误处理中间件
+app.use((error, req, res, next) => {
+  if (error instanceof multer.MulterError) {
+    console.error('❌ Multer错误:', error);
+    if (error.code === 'LIMIT_FILE_SIZE') {
+      return res.status(400).json({ 
+        error: '文件太大',
+        message: '文件大小不能超过2MB' 
+      });
+    }
+    return res.status(400).json({ 
+      error: '文件上传错误',
+      message: error.message 
+    });
+  }
+  
+  if (error) {
+    console.error('❌ 服务器错误:', error);
+    return res.status(500).json({ 
+      error: '服务器错误',
+      message: error.message 
+    });
+  }
+  
+  next();
+});
+
+// 404处理
+app.use('*', (req, res) => {
+  res.status(404).json({ 
+    error: 'API endpoint not found',
+    message: 'Please check the API documentation at /'
+  });
+});
+
+// 启动服务器
+async function startServer() {
+  try {
+    console.log('🔄 正在连接MySQL数据库...');
+    console.log(`📍 数据库地址: ${process.env.MYSQL_HOST || 'gz-cdb-1xrcr3dt.sql.tencentcdb.com'}:${process.env.MYSQL_PORT || 23767}`);
+    
+    // 测试数据库连接
+    const connection = await pool.getConnection();
+    console.log('✅ MySQL数据库连接成功！');
+    connection.release();
+    
+    // 初始化数据库表
+    await initDatabase();
+    
+    // 启动服务器
+    app.listen(PORT, '0.0.0.0', () => {
+      logger.info(`校园圈服务器运行在端口 ${PORT} - Hugging Face Spaces版本`);
+      console.log(`\n🚀 CampusLoop Backend 启动成功！`);
+      console.log(`🌐 服务器地址: http://0.0.0.0:${PORT}`);
+      console.log(`🏥 健康检查: http://0.0.0.0:${PORT}/api/health`);
+      console.log(`📅 当前时间: ${new Date().toLocaleString()}`);
+      console.log(`🎯 平台: Hugging Face Spaces`);
+      console.log(`\n📝 主要接口:`);
+      console.log(`   GET   /                     - API文档`);
+      console.log(`   GET   /api/health           - 健康检查`);
+      console.log(`   POST  /api/auth/register    - 用户注册`);
+      console.log(`   POST  /api/auth/login       - 用户登录`);
+      console.log(`   GET   /api/posts            - 获取动态`);
+      console.log(`   POST  /api/posts            - 发布动态`);
+      console.log(`   GET   /api/forum/posts      - 获取论坛帖子`);
+      console.log(`   GET   /api/activities       - 获取活动`);
+    });
+  } catch (error) {
+    logger.error('服务器启动失败:', error);
+    console.error('❌ 服务器启动失败:', error.message);
+    
+    if (error.code === 'ETIMEDOUT') {
+      console.error('\n⚠️  数据库连接超时！可能的原因：');
+      console.error('   1. 数据库服务器防火墙未开放外部访问');
+      console.error('   2. Hugging Face Spaces IP未加入数据库白名单');
+      console.error('   3. 数据库地址或端口配置错误');
+      console.error('\n💡 解决方案：');
+      console.error('   1. 在腾讯云MySQL控制台添加 0.0.0.0/0 到白名单（测试用）');
+      console.error('   2. 检查Hugging Face Spaces环境变量配置');
+      console.error('   3. 确认数据库服务正常运行');
+    }
+    
+    process.exit(1);
+  }
+}
+
+startServer();