版本更新

app.py

@@ -48,6 +48,8 @@ from router_comments import router as comments_router # 💬 评论系统
 from router_messages import router as messages_router # ✉️ 私信系统
 from router_wallet import router as wallet_router     # 💰 钱包/提现
 from router_proxy import router as proxy_router       # 🔗 代理下载
+from router_posts import router as posts_router       # 💬 讨论区
+from router_tasks import router as tasks_router       # 📝 任务榜
 
 from database_sql import init_sql_db, get_db
 from models_sql import Ownership
@@ -203,6 +205,8 @@ app.include_router(comments_router)       # 💬 评论系统
 app.include_router(messages_router)       # ✉️ 私信系统
 app.include_router(wallet_router)         # 💰 钱包/提现
 app.include_router(proxy_router)          # 🔗 代理下载
+app.include_router(posts_router)          # 💬 讨论区
+app.include_router(tasks_router)          # 📝 任务榜
 
 # ==========================================
 # 🟢 私有图床代理中心 (Image Proxy)
@@ -217,7 +221,7 @@ def proxy_hf_image(url: str = None, path: str = None):
         try:
             path = url.split("resolve/main/")[-1]
             path = urllib.parse.unquote(path)
-        except:
+        except Exception:
             raise HTTPException(status_code=400, detail="无效的 HF 原链接格式")
             
     if not path:
@@ -247,7 +251,10 @@ def proxy_hf_image(url: str = None, path: str = None):
 
 # ==========================================
 # 上传接口 (将返回的 URL 替换为 Proxy 代理链接)
+# 🔒 P0安全优化：集成图片内容审核
 # ==========================================
+from image_moderation import moderate_image_sync, ModerationResult
+
 @app.post("/api/upload")
 def upload_file(file: UploadFile = File(...), file_type: str = Form(...)):
     content = file.file.read() 
@@ -265,6 +272,15 @@ def upload_file(file: UploadFile = File(...), file_type: str = Form(...)):
     ext = file.filename.split(".")[-1].lower()
     if ext not in ["jpg", "jpeg", "png", "gif", "webp", "json", "mp4"]:
         raise HTTPException(status_code=400, detail="不支持的文件格式")
+    
+    # 🔒 P0安全优化：图片内容审核
+    if ext in ["jpg", "jpeg", "png", "gif", "webp"]:
+        moderation_result = moderate_image_sync(content, ext)
+        if not moderation_result.passed:
+            raise HTTPException(
+                status_code=400, 
+                detail=f"图片内容审核未通过：{moderation_result.label or '内容不合规'}"
+            )
         
     file_hash = hashlib.md5(content).hexdigest()[:10]
     safe_filename = f"{file_type}_{file_hash}.{ext}"
@@ -365,4 +381,140 @@ def validate_resource(req_data: ValidateResourceRequest, sql_db: Session = Depen
     except Exception as e:
         return JSONResponse(content={"error": f"资源探测异常: {str(e)}"}, status_code=500)
         
-    return {"status": "success"}
+    return {"status": "success"}
+
+
+# ==========================================
+# 🔒 管理员：系统配置 API
+# ==========================================
+from 安全认证 import require_auth
+
+# 🔒 管理员账号列表（从环境变量读取）
+ADMIN_ACCOUNTS = set(
+    acc.strip() 
+    for acc in os.environ.get("ADMIN_ACCOUNTS", "").split(",") 
+    if acc.strip()
+)
+
+def _is_admin(account: str) -> bool:
+    """检查账号是否为管理员"""
+    return account in ADMIN_ACCOUNTS
+
+# 配置存储文件
+SYSTEM_CONFIG_FILE = "/tmp/system_config.json"
+
+def _load_system_config() -> dict:
+    """ 加载系统配置 """
+    try:
+        if os.path.exists(SYSTEM_CONFIG_FILE):
+            with open(SYSTEM_CONFIG_FILE, "r") as f:
+                return json.load(f)
+    except Exception as e:
+        logger.debug(f"加载系统配置失败: {e}")
+    return {}
+
+def _save_system_config(config: dict):
+    """ 保存系统配置 """
+    try:
+        with open(SYSTEM_CONFIG_FILE, "w") as f:
+            json.dump(config, f)
+    except Exception as e:
+        logger.warning(f"保存系统配置失败: {e}")
+
+
+@app.get("/api/admin/config/{config_key}")
+async def get_system_config(config_key: str, current_user: str = Depends(require_auth)):
+    """ 🔒 获取系统配置（仅管理员） """
+    # 🔒 权限验证
+    if not _is_admin(current_user):
+        raise HTTPException(status_code=403, detail="无权访问系统配置，仅管理员可操作")
+    
+    config = _load_system_config()
+    
+    if config_key == "image_moderation":
+        # 图像审核配置：包含开关状态和额度信息
+        try:
+            from image_moderation import _load_quota, ALIYUN_FREE_QUOTA, TENCENT_FREE_QUOTA
+            quota = _load_quota()
+            return {
+                "status": "success",
+                "data": {
+                    "enabled": config.get("image_moderation_enabled", False),
+                    "quota": {
+                        "aliyun": quota.get("aliyun", 0),
+                        "tencent": quota.get("tencent", 0),
+                        "aliyun_limit": ALIYUN_FREE_QUOTA,
+                        "tencent_limit": TENCENT_FREE_QUOTA
+                    }
+                }
+            }
+        except Exception as e:
+            logger.error(f"获取审核配置失败: {e}")
+            return {
+                "status": "success",
+                "data": {
+                    "enabled": config.get("image_moderation_enabled", False),
+                    "quota": {}
+                }
+            }
+    
+    if config_key == "project_version":
+        # 🏷️ 项目版本配置
+        version_config = config.get("project_version", DEFAULT_VERSION_CONFIG)
+        return {
+            "status": "success",
+            "data": version_config
+        }
+    
+    return {"status": "success", "data": config.get(config_key)}
+
+
+# 🏷️ 版本配置默认值
+DEFAULT_VERSION_CONFIG = {
+    "stage": "alpha",
+    "major": 1,
+    "minor": 0,
+    "patch": 0
+}
+
+
+@app.put("/api/admin/config/{config_key}")
+async def set_system_config(config_key: str, value: dict, current_user: str = Depends(require_auth)):
+    """ 🔒 设置系统配置（仅管理员） """
+    # 🔒 权限验证
+    if not _is_admin(current_user):
+        raise HTTPException(status_code=403, detail="无权修改系统配置，仅管理员可操作")
+    
+    config = _load_system_config()
+    
+    if config_key == "image_moderation":
+        # 更新图像审核开关
+        enabled = value.get("enabled", False)
+        config["image_moderation_enabled"] = enabled
+        _save_system_config(config)
+        
+        logger.info(f"🔒 管理员设置图像审核: {'enabled' if enabled else 'disabled'}")
+        return {"status": "success", "message": f"图像审核已{'enabled' if enabled else 'disabled'}"}
+    
+    if config_key == "project_version":
+        # 🏷️ 更新项目版本配置
+        version_config = {
+            "stage": value.get("stage", "alpha"),
+            "major": int(value.get("major", 1)),
+            "minor": int(value.get("minor", 0)),
+            "patch": int(value.get("patch", 0))
+        }
+        config["project_version"] = version_config
+        _save_system_config(config)
+        
+        version_str = f"V{version_config['major']}.{version_config['minor']}.{version_config['patch']}"
+        stage_labels = {"alpha": "内测", "beta": "公测", "rc": "候选版", "stable": "正式版"}
+        stage_label = stage_labels.get(version_config["stage"], version_config["stage"])
+        
+        logger.info(f"🏷️ 管理员更新项目版本: {version_str} {stage_label}")
+        return {"status": "success", "message": f"版本已更新为 {version_str} {stage_label}"}
+    
+    # 其他配置项
+    config[config_key] = value
+    _save_system_config(config)
+    return {"status": "success", "message": "配置已更新"}

database_sql.py

@@ -78,6 +78,10 @@ def init_sql_db():
     for attempt in range(3):
         try:
             Base.metadata.create_all(bind=engine)
+            
+            # 🔄 P7后悔模式：自动迁移新增字段
+            _auto_migrate_p7_fields()
+            
             logger.info("数据库初始化成功")
             return
         except Exception as e:
@@ -89,6 +93,45 @@ def init_sql_db():
                 raise
 
 
+def _auto_migrate_p7_fields():
+    """
+    🔄 P7后悔模式：自动迁移新增字段
+    检查并添加 ownerships 表的新字段
+    """
+    from sqlalchemy import inspect
+    
+    try:
+        inspector = inspect(engine)
+        
+        # 检查 ownerships 表是否存在
+        if 'ownerships' in inspector.get_table_names():
+            columns = [col['name'] for col in inspector.get_columns('ownerships')]
+            
+            # 添加 P7 新增字段
+            with engine.connect() as conn:
+                if 'price_paid' not in columns:
+                    if 'sqlite' in SQLALCHEMY_DATABASE_URL:
+                        conn.execute(text("ALTER TABLE ownerships ADD COLUMN price_paid INTEGER DEFAULT 0"))
+                    else:
+                        conn.execute(text("ALTER TABLE ownerships ADD COLUMN price_paid INTEGER DEFAULT 0"))
+                    logger.info("迁移完成: 添加 ownerships.price_paid 字段")
+                
+                if 'is_refunded' not in columns:
+                    if 'sqlite' in SQLALCHEMY_DATABASE_URL:
+                        conn.execute(text("ALTER TABLE ownerships ADD COLUMN is_refunded BOOLEAN DEFAULT 0"))
+                    else:
+                        conn.execute(text("ALTER TABLE ownerships ADD COLUMN is_refunded BOOLEAN DEFAULT FALSE"))
+                    logger.info("迁移完成: 添加 ownerships.is_refunded 字段")
+                
+                if 'refunded_at' not in columns:
+                    conn.execute(text("ALTER TABLE ownerships ADD COLUMN refunded_at TIMESTAMP"))
+                    logger.info("迁移完成: 添加 ownerships.refunded_at 字段")
+                
+                conn.commit()
+    except Exception as e:
+        logger.warning(f"P7字段迁移跳过 (可能已存在): {e}")
+
+
 def get_db():
     """获取数据库会话，带连接有效性检测"""
     db = SessionLocal()

image_moderation.py

@@ -0,0 +1,457 @@
+# image_moderation.py
+# ==========================================
+# 🔒 P0安全优化：图片内容审核模块
+# ==========================================
+# 支持腾讯云/阿里云图片审核API
+# 环境变量配置：
+#   - IMAGE_MODERATION_PROVIDER: "tencent" 或 "aliyun" (默认: tencent)
+#   - TENCENT_SECRET_ID / TENCENT_SECRET_KEY
+#   - ALIYUN_ACCESS_KEY_ID / ALIYUN_ACCESS_KEY_SECRET
+# ==========================================
+
+import os
+import base64
+import json
+import logging
+import hmac
+import hashlib
+import time
+import uuid
+from datetime import datetime
+from typing import Optional, Tuple
+import httpx
+
+logger = logging.getLogger("ComfyUI-Ranking.ImageModeration")
+
+# ==========================================
+# 🔧 配置
+# ==========================================
+
+MODERATION_ENABLED = os.environ.get("IMAGE_MODERATION_ENABLED", "false").lower() == "true"
+
+# 腾讯云配置
+TENCENT_SECRET_ID = os.environ.get("TENCENT_SECRET_ID", "")
+TENCENT_SECRET_KEY = os.environ.get("TENCENT_SECRET_KEY", "")
+TENCENT_REGION = os.environ.get("TENCENT_REGION", "ap-guangzhou")
+
+# 阿里云配置
+ALIYUN_ACCESS_KEY_ID = os.environ.get("ALIYUN_ACCESS_KEY_ID", "")
+ALIYUN_ACCESS_KEY_SECRET = os.environ.get("ALIYUN_ACCESS_KEY_SECRET", "")
+ALIYUN_REGION = os.environ.get("ALIYUN_REGION", "cn-shanghai")
+
+# 💰 免费额度管理（每月重置）
+ALIYUN_FREE_QUOTA = 3000   # 阿里云每月免费 3000 次
+TENCENT_FREE_QUOTA = 10000  # 腾讯云每月免费 10000 次
+
+# 额度记录文件
+QUOTA_FILE = "/tmp/image_moderation_quota.json"
+
+def _load_quota() -> dict:
+    """加载当月额度使用记录"""
+    current_month = datetime.now().strftime("%Y-%m")
+    try:
+        if os.path.exists(QUOTA_FILE):
+            with open(QUOTA_FILE, "r") as f:
+                data = json.load(f)
+                # 检查是否是当月记录，否则重置
+                if data.get("month") != current_month:
+                    return {"month": current_month, "aliyun": 0, "tencent": 0}
+                return data
+    except Exception as e:
+        logger.debug(f"加载额度记录失败: {e}")
+    return {"month": current_month, "aliyun": 0, "tencent": 0}
+
+def _save_quota(quota: dict):
+    """保存额度使用记录"""
+    try:
+        with open(QUOTA_FILE, "w") as f:
+            json.dump(quota, f)
+    except Exception as e:
+        logger.warning(f"保存额度记录失败: {e}")
+
+def _increment_quota(provider: str):
+    """增加使用次数"""
+    quota = _load_quota()
+    quota[provider] = quota.get(provider, 0) + 1
+    _save_quota(quota)
+    logger.info(f"审核额度: {provider}={quota[provider]}, 阿里云剩余{ALIYUN_FREE_QUOTA - quota.get('aliyun', 0)}, 腾讯云剩余{TENCENT_FREE_QUOTA - quota.get('tencent', 0)}")
+
+def _get_available_provider() -> str:
+    """
+    获取可用的审核服务商
+    策略：阿里云优先 → 腾讯云兆底 → 都用完则跳过
+    """
+    quota = _load_quota()
+    
+    # 1️⃣ 优先阿里云
+    if quota.get("aliyun", 0) < ALIYUN_FREE_QUOTA and ALIYUN_ACCESS_KEY_ID:
+        return "aliyun"
+    
+    # 2️⃣ 阿里云用完，切换腾讯云
+    if quota.get("tencent", 0) < TENCENT_FREE_QUOTA and TENCENT_SECRET_ID:
+        return "tencent"
+    
+    # 3️⃣ 两家都用完，返回 None
+    return None
+
+# ==========================================
+# 📊 审核结果类型
+# ==========================================
+
+class ModerationResult:
+    """图片审核结果"""
+    def __init__(self, passed: bool, label: str = "", confidence: float = 0.0, 
+                 suggestion: str = "pass", details: dict = None):
+        self.passed = passed  # 是否通过
+        self.label = label  # 违规标签（如 Porn, Terror, Ad）
+        self.confidence = confidence  # 置信度 0-100
+        self.suggestion = suggestion  # pass/review/block
+        self.details = details or {}  # 详细信息
+    
+    def to_dict(self):
+        return {
+            "passed": self.passed,
+            "label": self.label,
+            "confidence": self.confidence,
+            "suggestion": self.suggestion,
+            "details": self.details
+        }
+
+# ==========================================
+# 🔵 腾讯云图片审核
+# ==========================================
+
+def _tencent_sign_v3(secret_id: str, secret_key: str, host: str, 
+                      payload: str, timestamp: int) -> dict:
+    """腾讯云 TC3-HMAC-SHA256 签名"""
+    service = "ims"
+    date = datetime.utcfromtimestamp(timestamp).strftime("%Y-%m-%d")
+    
+    # 规范请求
+    http_request_method = "POST"
+    canonical_uri = "/"
+    canonical_querystring = ""
+    ct = "application/json; charset=utf-8"
+    canonical_headers = f"content-type:{ct}\nhost:{host}\nx-tc-action:imagemoderationsync\n"
+    signed_headers = "content-type;host;x-tc-action"
+    hashed_request_payload = hashlib.sha256(payload.encode("utf-8")).hexdigest()
+    canonical_request = (f"{http_request_method}\n{canonical_uri}\n{canonical_querystring}\n"
+                         f"{canonical_headers}\n{signed_headers}\n{hashed_request_payload}")
+    
+    # 待签名字符串
+    algorithm = "TC3-HMAC-SHA256"
+    credential_scope = f"{date}/{service}/tc3_request"
+    hashed_canonical_request = hashlib.sha256(canonical_request.encode("utf-8")).hexdigest()
+    string_to_sign = f"{algorithm}\n{timestamp}\n{credential_scope}\n{hashed_canonical_request}"
+    
+    # 计算签名
+    def sign(key, msg):
+        return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()
+    
+    secret_date = sign(("TC3" + secret_key).encode("utf-8"), date)
+    secret_service = sign(secret_date, service)
+    secret_signing = sign(secret_service, "tc3_request")
+    signature = hmac.new(secret_signing, string_to_sign.encode("utf-8"), hashlib.sha256).hexdigest()
+    
+    # 构建 Authorization
+    authorization = (f"{algorithm} Credential={secret_id}/{credential_scope}, "
+                     f"SignedHeaders={signed_headers}, Signature={signature}")
+    
+    return {
+        "Authorization": authorization,
+        "Content-Type": ct,
+        "Host": host,
+        "X-TC-Action": "ImageModerationSync",
+        "X-TC-Timestamp": str(timestamp),
+        "X-TC-Version": "2020-07-13",
+        "X-TC-Region": TENCENT_REGION
+    }
+
+async def moderate_image_tencent(image_content: bytes) -> ModerationResult:
+    """
+    腾讯云图片审核
+    API文档: https://cloud.tencent.com/document/product/1125/53273
+    """
+    if not TENCENT_SECRET_ID or not TENCENT_SECRET_KEY:
+        logger.warning("腾讯云审核未配置，跳过审核")
+        return ModerationResult(passed=True, suggestion="pass")
+    
+    host = "ims.tencentcloudapi.com"
+    timestamp = int(time.time())
+    
+    # Base64 编码图片
+    file_content_base64 = base64.b64encode(image_content).decode("utf-8")
+    
+    payload = json.dumps({
+        "BizType": "default",  # 使用默认策略
+        "FileContent": file_content_base64,
+        "DataId": str(uuid.uuid4())
+    })
+    
+    headers = _tencent_sign_v3(TENCENT_SECRET_ID, TENCENT_SECRET_KEY, host, payload, timestamp)
+    
+    try:
+        async with httpx.AsyncClient(timeout=30.0) as client:
+            resp = await client.post(f"https://{host}", content=payload, headers=headers)
+            result = resp.json()
+        
+        response = result.get("Response", {})
+        
+        if "Error" in response:
+            logger.error(f"腾讯云审核API错误: {response['Error']}")
+            return ModerationResult(passed=True, suggestion="pass", 
+                                   details={"error": response["Error"]})
+        
+        # 解析审核结果
+        suggestion = response.get("Suggestion", "Pass").lower()
+        label = response.get("Label", "")
+        score = response.get("Score", 0)
+        
+        passed = suggestion == "pass"
+        
+        logger.info(f"腾讯云审核结果: suggestion={suggestion}, label={label}, score={score}")
+        
+        return ModerationResult(
+            passed=passed,
+            label=label,
+            confidence=score,
+            suggestion=suggestion,
+            details=response
+        )
+        
+    except Exception as e:
+        logger.error(f"腾讯云审核异常: {str(e)}")
+        # 审核服务异常时默认放行，避免影响正常业务
+        return ModerationResult(passed=True, suggestion="pass", 
+                               details={"error": str(e)})
+
+# ==========================================
+# 🟠 阿里云图片审核
+# ==========================================
+
+def _aliyun_sign(access_key_secret: str, string_to_sign: str) -> str:
+    """阿里云 ROA 签名"""
+    signature = hmac.new(
+        (access_key_secret + "&").encode("utf-8"),
+        string_to_sign.encode("utf-8"),
+        hashlib.sha1
+    ).digest()
+    return base64.b64encode(signature).decode("utf-8")
+
+def _build_aliyun_signature(method: str, headers: dict, uri: str, access_key_secret: str) -> str:
+    """
+    构建阿里云 ROA 风格签名
+    参考: https://help.aliyun.com/document_detail/315526.html
+    """
+    # 1. 构建 CanonicalizedHeaders
+    acs_headers = {}
+    for key, value in headers.items():
+        lower_key = key.lower()
+        if lower_key.startswith("x-acs-"):
+            acs_headers[lower_key] = value
+    
+    sorted_headers = sorted(acs_headers.items())
+    canonical_headers = "\n".join([f"{k}:{v}" for k, v in sorted_headers])
+    
+    # 2. 构建 StringToSign
+    content_type = headers.get("Content-Type", "")
+    accept = headers.get("Accept", "")
+    
+    string_to_sign = f"{method}\n{accept}\n\n{content_type}\n\n{canonical_headers}\n{uri}"
+    
+    # 3. 计算签名
+    return _aliyun_sign(access_key_secret, string_to_sign)
+
+async def moderate_image_aliyun(image_content: bytes) -> ModerationResult:
+    """
+    阿里云图片审核
+    API文档: https://help.aliyun.com/document_detail/70292.html
+    """
+    if not ALIYUN_ACCESS_KEY_ID or not ALIYUN_ACCESS_KEY_SECRET:
+        logger.warning("阿里云审核未配置，跳过审核")
+        return ModerationResult(passed=True, suggestion="pass")
+    
+    # Base64 编码图片
+    file_content_base64 = base64.b64encode(image_content).decode("utf-8")
+    
+    # 使用阿里云内容安全 API (绿网)
+    endpoint = f"https://green.{ALIYUN_REGION}.aliyuncs.com"
+    uri = "/green/image/scan"
+    
+    # 构建请求体
+    payload = {
+        "scenes": ["porn", "terrorism", "ad"],  # 鉴黄、暴恐、广告
+        "tasks": [{
+            "dataId": str(uuid.uuid4()),
+            "content": file_content_base64,
+            "type": "BASE64"
+        }]
+    }
+    payload_str = json.dumps(payload)
+    
+    # 签名参数
+    timestamp = datetime.utcnow().strftime("%Y-%m-%dT%H:%M:%SZ")
+    nonce = str(uuid.uuid4())
+    
+    # 🔒 正确构建头部（包含签名所需字段）
+    headers = {
+        "Accept": "application/json",
+        "Content-Type": "application/json",
+        "x-acs-version": "2018-05-09",
+        "x-acs-signature-method": "HMAC-SHA1",
+        "x-acs-signature-version": "1.0",
+        "x-acs-signature-nonce": nonce,
+        "Date": timestamp,
+    }
+    
+    # 🔒 计算签名
+    signature = _build_aliyun_signature("POST", headers, uri, ALIYUN_ACCESS_KEY_SECRET)
+    
+    # 添加 Authorization 头部
+    headers["Authorization"] = f"acs {ALIYUN_ACCESS_KEY_ID}:{signature}"
+    
+    try:
+        async with httpx.AsyncClient(timeout=30.0) as client:
+            resp = await client.post(
+                f"{endpoint}{uri}",
+                content=payload_str,
+                headers=headers
+            )
+            result = resp.json()
+        
+        # 解析审核结果
+        if result.get("code") != 200:
+            logger.error(f"阿里云审核API错误: {result}")
+            return ModerationResult(passed=True, suggestion="pass",
+                                   details={"error": result})
+        
+        data = result.get("data", [])
+        if not data:
+            return ModerationResult(passed=True, suggestion="pass")
+        
+        task_result = data[0].get("results", [])
+        
+        # 检查所有场景的审核结果
+        max_rate = 0
+        block_label = ""
+        overall_suggestion = "pass"
+        
+        for scene_result in task_result:
+            scene = scene_result.get("scene", "")
+            suggestion = scene_result.get("suggestion", "pass")
+            rate = scene_result.get("rate", 0)
+            label = scene_result.get("label", "")
+            
+            if suggestion == "block":
+                overall_suggestion = "block"
+                if rate > max_rate:
+                    max_rate = rate
+                    block_label = f"{scene}:{label}"
+            elif suggestion == "review" and overall_suggestion != "block":
+                overall_suggestion = "review"
+                if rate > max_rate:
+                    max_rate = rate
+                    block_label = f"{scene}:{label}"
+        
+        passed = overall_suggestion == "pass"
+        
+        logger.info(f"阿里云审核结果: suggestion={overall_suggestion}, label={block_label}, rate={max_rate}")
+        
+        return ModerationResult(
+            passed=passed,
+            label=block_label,
+            confidence=max_rate * 100,
+            suggestion=overall_suggestion,
+            details=result
+        )
+        
+    except Exception as e:
+        logger.error(f"阿里云审核异常: {str(e)}")
+        # 审核服务异常时默认放行
+        return ModerationResult(passed=True, suggestion="pass",
+                               details={"error": str(e)})
+
+# ==========================================
+# 🎯 统一审核入口（智能额度管理）
+# ==========================================
+
+# 🔒 动态配置检查
+SYSTEM_CONFIG_FILE = "/tmp/system_config.json"
+
+def _is_moderation_enabled() -> bool:
+    """
+    检查图片审核是否启用
+    优先检查系统配置文件，其次检查环境变量
+    """
+    # 1️⃣ 优先检查系统配置文件（管理员动态设置）
+    try:
+        if os.path.exists(SYSTEM_CONFIG_FILE):
+            with open(SYSTEM_CONFIG_FILE, "r") as f:
+                config = json.load(f)
+                if "image_moderation_enabled" in config:
+                    return config["image_moderation_enabled"] == True
+    except Exception as e:
+        logger.debug(f"读取系统配置失败: {e}")
+    
+    # 2️⃣ 回退到环境变量
+    return MODERATION_ENABLED
+
+
+async def moderate_image(image_content: bytes, file_ext: str = "") -> ModerationResult:
+    """
+    统一图片审核入口
+    
+    策略：阿里云优先(3000次/月) → 腾讯云兆底(10000次/月) → 都用完则跳过
+    
+    Args:
+        image_content: 图片二进制内容
+        file_ext: 文件扩展名（用于判断是否需要审核）
+    
+    Returns:
+        ModerationResult: 审核结果
+    """
+    # 跳过非图片文件
+    if file_ext.lower() in ["json", "mp4"]:
+        return ModerationResult(passed=True, suggestion="pass", 
+                               details={"skipped": True, "reason": "非图片文件"})
+    
+    # 检查是否启用审核（支持动态配置）
+    if not _is_moderation_enabled():
+        logger.debug("图片审核未启用")
+        return ModerationResult(passed=True, suggestion="pass",
+                               details={"skipped": True, "reason": "审核未启用"})
+    
+    # 💰 智能选择服务商（基于免费额度）
+    provider = _get_available_provider()
+    
+    if provider is None:
+        logger.warning("本月免费审核额度已用完，跳过审核")
+        return ModerationResult(passed=True, suggestion="pass",
+                               details={"skipped": True, "reason": "免费额度已用完"})
+    
+    # 执行审核
+    if provider == "aliyun":
+        result = await moderate_image_aliyun(image_content)
+    else:
+        result = await moderate_image_tencent(image_content)
+    
+    # 记录使用次数（只有审核成功才计数）
+    if "error" not in result.details:
+        _increment_quota(provider)
+    
+    result.details["provider"] = provider
+    return result
+
+def moderate_image_sync(image_content: bytes, file_ext: str = "") -> ModerationResult:
+    """
+    同步版本的图片审核（用于非异步上下文）
+    """
+    import asyncio
+    
+    try:
+        loop = asyncio.get_event_loop()
+    except RuntimeError:
+        loop = asyncio.new_event_loop()
+        asyncio.set_event_loop(loop)
+    
+    return loop.run_until_complete(moderate_image(image_content, file_ext))

models.py

@@ -63,6 +63,8 @@ class ItemCreate(BaseModel):
     author: str 
     price: int = 0
     github_token: Optional[str] = None
+    netdisk_password: Optional[str] = None  # ☁️ 网盘提取码（加密存储，购买后解密）
+    is_netdisk: Optional[bool] = False      # ☁️ 是否为网盘资源
 
 class ItemUpdate(BaseModel):
     title: Optional[str] = None
@@ -73,6 +75,8 @@ class ItemUpdate(BaseModel):
     imageUrls: Optional[List[str]] = []
     price: Optional[int] = None
     github_token: Optional[str] = None
+    netdisk_password: Optional[str] = None  # ☁️ 网盘提取码
+    is_netdisk: Optional[bool] = None       # ☁️ 是否为网盘资源
 
 class FollowToggle(BaseModel):
     user_id: str
@@ -220,4 +224,23 @@ class TaskDisputeResolve(BaseModel):
     admin_account: str                      # 管理员账号
     result: str                             # 仲裁结果: support_initiator / support_respondent / split
     split_ratio: Optional[int] = 50         # 分成比例（申诉方获得的百分比，仅当result=split时有效）
-    admin_note: Optional[str] = None        # 管理员备注
+    admin_note: Optional[str] = None        # 管理员备注
+
+# ==========================================
+# 💬 讨论区数据模型（小红书风格图文社区）
+# ==========================================
+
+class PostCreate(BaseModel):
+    """ 创建帖子 """
+    title: str                              # 标题
+    content: str                            # 正文/文案
+    cover_image: str                        # 封面图（第一张）
+    images: Optional[List[str]] = []       # 图片列表（最多9张）
+    author: str                             # 作者账号
+
+class PostUpdate(BaseModel):
+    """ 更新帖子 """
+    title: Optional[str] = None
+    content: Optional[str] = None
+    cover_image: Optional[str] = None
+    images: Optional[List[str]] = None

models_sql.py

@@ -1,5 +1,11 @@
 # models_sql.py
-from sqlalchemy import Column, Integer, String, DateTime
+# ==========================================
+# 🗄️ SQL 数据库模型定义
+# ==========================================
+# 🚀 P1性能优化：添加复合索引加速查询
+# ==========================================
+
+from sqlalchemy import Column, Integer, String, DateTime, Boolean, Index, func
 from sqlalchemy.orm import declarative_base
 import datetime
 
@@ -26,6 +32,27 @@ class Ownership(Base):
     account = Column(String, index=True)
     item_id = Column(String, index=True)
     purchased_at = Column(DateTime, default=datetime.datetime.utcnow)
+    # 🔄 P7后悔模式增强
+    price_paid = Column(Integer, default=0)       # 购买时支付的价格
+    is_refunded = Column(Boolean, default=False)  # 是否已退款
+    refunded_at = Column(DateTime, nullable=True) # 退款时间
+    
+    # 🚀 P1性能优化：复合索引
+    __table_args__ = (
+        Index('ix_ownerships_account_item', 'account', 'item_id'),
+        Index('ix_ownerships_account_refunded', 'account', 'is_refunded'),
+    )
+
+class Refund(Base):
+    """🔄 P7后悔模式：退款记录表"""
+    __tablename__ = "refunds"
+    
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    account = Column(String, index=True)          # 退款用户
+    item_id = Column(String, index=True)          # 退款商品
+    amount = Column(Integer)                       # 退款金额
+    refunded_at = Column(DateTime, default=datetime.datetime.utcnow)
+    ban_until = Column(DateTime)                   # 禁止购买截止时间（30天后）
 
 class Transaction(Base):
     """交易流水表"""
@@ -33,10 +60,16 @@ class Transaction(Base):
     
     tx_id = Column(String, primary_key=True)
     account = Column(String, index=True)
-    tx_type = Column(String)                     # 枚举: RECHARGE, PURCHASE, EARN, TIP_SEND, TIP_RECEIVE, WITHDRAW_APPLY
+    tx_type = Column(String)                     # 枚举: RECHARGE, PURCHASE, EARN, TIP_SEND, TIP_RECEIVE, WITHDRAW_APPLY, REFUND
     amount = Column(Integer)
     related_account = Column(String, nullable=True)
     item_id = Column(String, nullable=True)
-    created_at = Column(DateTime, default=datetime.datetime.utcnow)
+    created_at = Column(DateTime, default=datetime.datetime.utcnow, index=True)  # 🚀 P1: 添加时间索引
     prev_hash = Column(String)                   # 上一笔订单的哈希
-    tx_hash = Column(String)                     # 本笔订单的哈希 (防篡改)
+    tx_hash = Column(String)                     # 本笔订单的哈希 (防篡改)
+    
+    # 🚀 P1性能优化：复合索引
+    __table_args__ = (
+        Index('ix_transactions_account_type', 'account', 'tx_type'),
+        Index('ix_transactions_account_created', 'account', 'created_at'),
+    )

rate_limiter.py

@@ -0,0 +1,164 @@
+# rate_limiter.py
+# ==========================================
+# 🔒 P0安全优化：API 限流配置
+# ==========================================
+# 作用：防止恶意刷接口、暴力破解、DDoS 攻击
+# 关联文件：
+#   - app.py (全局限流器初始化)
+#   - 各 router_*.py (应用限流装饰器)
+# ==========================================
+
+from slowapi import Limiter
+from slowapi.util import get_remote_address
+from functools import wraps
+import time
+import logging
+
+logger = logging.getLogger("ComfyUI-Ranking.RateLimiter")
+
+# ==========================================
+# 📊 限流配置
+# ==========================================
+
+# 全局限流器实例（在 app.py 中初始化）
+limiter = Limiter(key_func=get_remote_address)
+
+# 限流规则定义
+RATE_LIMITS = {
+    # 🔐 认证相关（严格限制）
+    "login": "5/minute",           # 登录：每分钟5次
+    "register": "3/minute",         # 注册：每分钟3次
+    "reset_password": "3/minute",   # 重置密码：每分钟3次
+    "send_code": "1/minute",        # 发送验证码：每分钟1次
+    
+    # 💰 金融操作（严格限制）
+    "purchase": "10/minute",        # 购买：每分钟10次
+    "refund": "3/minute",           # 退款：每分钟3次
+    "withdraw": "3/minute",         # 提现：每分钟3次
+    "tip": "20/minute",             # 打赏：每分钟20次
+    
+    # 📝 内容操作（中等限制）
+    "create_item": "10/minute",     # 发布内容：每分钟10次
+    "update_item": "30/minute",     # 更新内容：每分钟30次
+    "create_task": "5/minute",      # 创建任务：每分钟5次
+    "create_post": "10/minute",     # 发帖：每分钟10次
+    "comment": "30/minute",         # 评论：每分钟30次
+    
+    # 🔄 互动操作（宽松限制）
+    "like": "60/minute",            # 点赞：每分钟60次
+    "follow": "30/minute",          # 关注：每分钟30次
+    "message": "30/minute",         # 私信：每分钟30次
+    
+    # 📖 查询操作（最宽松）
+    "read": "100/minute",           # 读取：每分钟100次
+    "search": "30/minute",          # 搜索：每分钟30次
+    
+    # 📤 上传操作（严格限制）
+    "upload": "20/minute",          # 上传：每分钟20次
+    
+    # 🌐 默认限制
+    "default": "60/minute",         # 默认：每分钟60次
+}
+
+
+# ==========================================
+# 🔧 限流工具函数
+# ==========================================
+
+def get_limit(action: str) -> str:
+    """获取指定操作的限流规则"""
+    return RATE_LIMITS.get(action, RATE_LIMITS["default"])
+
+
+# ==========================================
+# 🛡️ 用户级限流（基于账号）
+# ==========================================
+
+# 用户请求计数器
+user_request_counts = {}
+USER_LIMIT_WINDOW = 60  # 时间窗口（秒）
+USER_LIMIT_MAX = 100    # 每用户每分钟最大请求数
+
+
+def check_user_rate_limit(account: str) -> bool:
+    """
+    检查用户级限流
+    返回 True 表示允许请求，False 表示超限
+    """
+    if not account:
+        return True
+    
+    now = time.time()
+    key = f"user:{account}"
+    
+    # 清理过期记录
+    if key in user_request_counts:
+        user_request_counts[key] = [
+            t for t in user_request_counts[key] 
+            if now - t < USER_LIMIT_WINDOW
+        ]
+    else:
+        user_request_counts[key] = []
+    
+    # 检查是否超限
+    if len(user_request_counts[key]) >= USER_LIMIT_MAX:
+        logger.warning(f"RATE_LIMIT | user={account} | requests={len(user_request_counts[key])}")
+        return False
+    
+    # 记录请求
+    user_request_counts[key].append(now)
+    return True
+
+
+def user_rate_limit_decorator(func):
+    """用户级限流装饰器"""
+    @wraps(func)
+    async def wrapper(*args, **kwargs):
+        # 尝试从参数中获取用户账号
+        account = kwargs.get('current_user') or kwargs.get('account')
+        
+        if account and not check_user_rate_limit(account):
+            from fastapi import HTTPException
+            raise HTTPException(
+                status_code=429, 
+                detail="请求过于频繁，请稍后再试"
+            )
+        
+        return await func(*args, **kwargs)
+    return wrapper
+
+
+# ==========================================
+# 📊 限流统计
+# ==========================================
+
+# IP 请求统计（用于监控）
+ip_stats = {}
+
+
+def record_request(ip: str, endpoint: str):
+    """记录请求用于统计"""
+    now = time.time()
+    key = f"{ip}:{endpoint}"
+    
+    if key not in ip_stats:
+        ip_stats[key] = {"count": 0, "first_request": now}
+    
+    ip_stats[key]["count"] += 1
+    ip_stats[key]["last_request"] = now
+
+
+def get_ip_stats():
+    """获取 IP 请求统计"""
+    return ip_stats
+
+
+def clear_old_stats(max_age: int = 3600):
+    """清理超过指定时间的统计数据"""
+    now = time.time()
+    keys_to_remove = [
+        k for k, v in ip_stats.items() 
+        if now - v.get("last_request", 0) > max_age
+    ]
+    for k in keys_to_remove:
+        del ip_stats[k]

router_items.py

@@ -42,8 +42,9 @@ async def get_items(type: str = "tool", sort: str = "time", limit: int = 50): #
         item["comments"] = len(item["commentsData"])
         item["latest_version"] = versions_db.get(item["id"], "")
         
-        # 🔴 【绝对核心防线】：在下发给前端前，强行在内存中抹除创作者的 Token！
+        # 🔴 【绝对核心防线】：在下发给前端前，强行在内存中抹除敏感信息！
         item.pop("github_token", None)
+        item.pop("netdisk_password", None)  # ☁️ 网盘密码不在列表中显示
         
     if sort == "likes": filtered_items.sort(key=lambda x: x.get("likes", 0), reverse=True)
     elif sort == "favorites": filtered_items.sort(key=lambda x: x.get("favorites", 0), reverse=True)
@@ -133,8 +134,12 @@ async def create_item(item: ItemCreate):
     items_db = db.load_data("items.json", default_data=[])
     new_item = {
         "id": f"{item.type}_{int(time.time())}_{uuid.uuid4().hex[:6]}", "type": item.type, "title": item.title, "author": item.author,
-        "shortDesc": item.shortDesc, "fullDesc": item.fullDesc, "link": item.link, "coverUrl": item.coverUrl, "price": item.price, 
+        "shortDesc": item.shortDesc, "fullDesc": item.fullDesc, "link": item.link, "coverUrl": item.coverUrl, 
+        "imageUrls": item.imageUrls or [],  # 🖼️ 效果展示图列表
+        "price": item.price, 
         "github_token": item.github_token,
+        "netdisk_password": item.netdisk_password,  # ☁️ 网盘密码
+        "is_netdisk": item.is_netdisk,              # ☁️ 是否网盘资源
         "likes": 0, "favorites": 0, "comments": 0, "uses": 0, "use_history": {}, "created_at": int(time.time()), "liked_by": [], "favorited_by": []
     }
     items_db.insert(0, new_item)
@@ -146,6 +151,7 @@ async def update_item(item_id: str, update_data: ItemUpdate, current_user: str =
     """
     更新内容接口
     🔒 P0安全修复：使用 JWT Token 验证用户身份，而非前端传入的 author 参数
+    🔄 P7后悔模式：价格修改延迟24小时生效
     """
     if update_data.price is not None:
         update_data.price = int(update_data.price)
@@ -159,16 +165,48 @@ async def update_item(item_id: str, update_data: ItemUpdate, current_user: str =
             if item.get("author") != current_user: 
                 raise HTTPException(status_code=403, detail="无权修改他人发布的内容")
             
+            price_change_info = None
+            
             if update_data.title is not None: item["title"] = update_data.title
             if update_data.shortDesc is not None: item["shortDesc"] = update_data.shortDesc
             if update_data.fullDesc is not None: item["fullDesc"] = update_data.fullDesc
             if update_data.link is not None: item["link"] = update_data.link
             if update_data.coverUrl is not None: item["coverUrl"] = update_data.coverUrl
-            if update_data.price is not None: item["price"] = update_data.price
+            if update_data.imageUrls is not None: item["imageUrls"] = update_data.imageUrls  # 🖼️ 效果展示图列表
+            
+            # 🔄 P7后悔模式：价格修改延迟24小时生效
+            if update_data.price is not None:
+                current_price = item.get("price", 0)
+                new_price = update_data.price
+                
+                if current_price != new_price:
+                    # 设置待生效价格，24小时后生效
+                    import datetime
+                    effective_time = datetime.datetime.now() + datetime.timedelta(hours=24)
+                    item["pending_price"] = new_price
+                    item["pending_price_effective_at"] = effective_time.isoformat()
+                    price_change_info = {
+                        "current_price": current_price,
+                        "new_price": new_price,
+                        "effective_at": effective_time.isoformat()
+                    }
+                    # 不立即修改 price，等待24小时后生效
+                else:
+                    # 价格未变，清除待生效价格
+                    item["pending_price"] = None
+                    item["pending_price_effective_at"] = None
+            
             if update_data.github_token is not None: item["github_token"] = update_data.github_token 
+            if update_data.netdisk_password is not None: item["netdisk_password"] = update_data.netdisk_password  # ☁️
+            if update_data.is_netdisk is not None: item["is_netdisk"] = update_data.is_netdisk  # ☁️
             
             db.save_data("items.json", items_db)
-            return {"status": "success"}
+            
+            result = {"status": "success"}
+            if price_change_info:
+                result["price_change"] = price_change_info
+                result["message"] = f"价格将于24小时后从{current_price}调整为{new_price}积分"
+            return result
             
     raise HTTPException(status_code=404, detail="找不到该内容记录")
 

router_posts.py

@@ -1,278 +1,368 @@
-# router_posts.py
+# 云端Space代码/router_posts.py
 # ==========================================
-# 💬 讨论区路由模块
+# 💬 讨论区API路由（小红书风格图文社区）
 # ==========================================
-# 作用：处理讨论区内容的增删改查和互动功能
-# 关联文件：
-#   - 数据库连接.py (JSON数据库读写 posts.json)
-#   - models.py (PostCreate, PostUpdate, PostInteraction)
-# 前端调用：
-#   - 讨论区列表组件.js (获取帖子列表)
-#   - 讨论区发布组件.js (发布新帖子)
-#   - 讨论区详情组件.js (帖子详情、互动操作)
+# 功能：帖子发布、列表、详情、互动（点赞/收藏/评论/打赏）
 # ==========================================
 
-from fastapi import APIRouter, HTTPException
-import 数据库连接 as db
-from models import PostCreate, PostUpdate, PostInteraction
+from fastapi import APIRouter, HTTPException, Depends
+from models import PostCreate, PostUpdate
+from 数据库连接 import db
+from 安全认证 import require_auth
 import time
 import uuid
 
-# 创建子路由实例
 router = APIRouter()
 
-
 # ==========================================
-# 📖 获取讨论区列表
+# 📝 帖子CRUD接口
 # ==========================================
+
 @router.get("/api/posts")
-async def get_posts(sort: str = "time", page: int = 1, page_size: int = 20):
+async def get_posts(page: int = 1, limit: int = 20):
     """
-    获取讨论区帖子列表
-    
-    查询参数：
-        - sort: 排序方式 (time=最新, hot=最热)
-        - page: 页码
-        - page_size: 每页数量
+    获取帖子列表（分页，按时间倒序）
     """
     posts_db = db.load_data("posts.json", default_data=[])
+    users_db = db.load_data("users.json", default_data=[])
     
-    # 排序
-    if sort == "hot":
-        # 最热：按点赞+收藏加权排序
-        posts_db.sort(key=lambda x: x.get("likes", 0) * 2 + x.get("favorites", 0), reverse=True)
-    else:
-        # 最新：按创建时间倒序
-        posts_db.sort(key=lambda x: x.get("createdAt", 0), reverse=True)
+    # 构建用户信息映射
+    user_map = {u["account"]: u for u in users_db}
+    
+    # 按创建时间倒序
+    sorted_posts = sorted(posts_db, key=lambda x: x.get("created_at", 0), reverse=True)
     
     # 分页
-    start = (page - 1) * page_size
-    end = start + page_size
-    paginated = posts_db[start:end]
+    start = (page - 1) * limit
+    end = start + limit
+    paged_posts = sorted_posts[start:end]
+    
+    # 附加作者信息
+    result = []
+    for post in paged_posts:
+        author_info = user_map.get(post.get("author"), {})
+        post_data = {
+            **post,
+            "author_name": author_info.get("name", post.get("author")),
+            "author_avatar": author_info.get("avatar", "")
+        }
+        result.append(post_data)
     
     return {
         "status": "success",
-        "data": paginated,
+        "data": result,
         "total": len(posts_db),
         "page": page,
-        "page_size": page_size
+        "limit": limit
     }
 
+@router.get("/api/my-posts")
+async def get_my_posts(current_user: str = Depends(require_auth)):
+    """
+    获取我的帖子列表
+    """
+    posts_db = db.load_data("posts.json", default_data=[])
+    
+    # 筛选当前用户的帖子
+    my_posts = [p for p in posts_db if p.get("author") == current_user]
+    
+    # 按创建时间倒序
+    my_posts = sorted(my_posts, key=lambda x: x.get("created_at", 0), reverse=True)
+    
+    return {
+        "status": "success",
+        "data": my_posts
+    }
 
-# ==========================================
-# 📖 获取单个帖子详情
-# ==========================================
 @router.get("/api/posts/{post_id}")
 async def get_post_detail(post_id: str):
     """
     获取帖子详情
     """
     posts_db = db.load_data("posts.json", default_data=[])
+    users_db = db.load_data("users.json", default_data=[])
     
-    post = next((p for p in posts_db if p.get("id") == post_id), None)
-    if not post:
-        raise HTTPException(status_code=404, detail="帖子不存在")
+    user_map = {u["account"]: u for u in users_db}
     
-    # 增加浏览量
-    post["views"] = post.get("views", 0) + 1
-    db.save_data("posts.json", posts_db)
+    for post in posts_db:
+        if post["id"] == post_id:
+            author_info = user_map.get(post.get("author"), {})
+            return {
+                "status": "success",
+                "data": {
+                    **post,
+                    "author_name": author_info.get("name", post.get("author")),
+                    "author_avatar": author_info.get("avatar", "")
+                }
+            }
     
-    return {"status": "success", "data": post}
-
+    raise HTTPException(status_code=404, detail="帖子不存在")
 
-# ==========================================
-# ✏️ 发布新帖子
-# ==========================================
 @router.post("/api/posts")
-async def create_post(post_data: PostCreate):
+async def create_post(post: PostCreate, current_user: str = Depends(require_auth)):
     """
-    发布新帖子
+    发布帖子
     """
     posts_db = db.load_data("posts.json", default_data=[])
-    users_db = db.load_data("users.json", default_data={})
     
-    # 获取作者信息
-    author_info = users_db.get(post_data.author, {})
+    # 限制图片数量
+    images = (post.images or [])[:9]
     
-    # 构建新帖子对象
     new_post = {
-        "id": f"post_{uuid.uuid4().hex[:12]}",
-        "type": "discussion",
-        "title": post_data.title,
-        "content": post_data.content,
-        "coverImage": post_data.coverImage,
-        "images": post_data.images or [],
-        
-        # 作者信息快照
-        "author": post_data.author,
-        "authorName": author_info.get("name", post_data.author),
-        "authorAvatar": author_info.get("avatarDataUrl", ""),
-        
-        # 互动数据初始化
+        "id": f"post_{int(time.time())}_{uuid.uuid4().hex[:6]}",
+        "title": post.title,
+        "content": post.content,
+        "cover_image": post.cover_image,
+        "images": images,
+        "author": current_user,
+        "created_at": int(time.time()),
+        # 互动数据
         "likes": 0,
         "favorites": 0,
         "comments": 0,
-        "views": 0,
-        
-        # 点赞/收藏用户列表（用于判断当前用户是否已操作）
-        "likedBy": [],
-        "favoritedBy": [],
-        
-        # 打赏数据
-        "tip_board": [],
-        "totalTips": 0,
-        
-        # 时间戳
-        "createdAt": int(time.time()),
-        "updatedAt": int(time.time())
+        "liked_by": [],
+        "favorited_by": [],
+        "tip_board": []  # 打赏榜单
     }
     
-    posts_db.insert(0, new_post)  # 插入到列表头部
+    posts_db.insert(0, new_post)
     db.save_data("posts.json", posts_db)
     
     return {"status": "success", "data": new_post}
 
-
-# ==========================================
-# ✏️ 更新帖子
-# ==========================================
 @router.put("/api/posts/{post_id}")
-async def update_post(post_id: str, update_data: PostUpdate, author: str = None):
+async def update_post(post_id: str, update_data: PostUpdate, current_user: str = Depends(require_auth)):
     """
-    更新帖子内容
+    更新帖子（仅作者可操作）
     """
     posts_db = db.load_data("posts.json", default_data=[])
     
-    post_idx = next((i for i, p in enumerate(posts_db) if p.get("id") == post_id), None)
-    if post_idx is None:
-        raise HTTPException(status_code=404, detail="帖子不存在")
+    for post in posts_db:
+        if post["id"] == post_id:
+            if post.get("author") != current_user:
+                raise HTTPException(status_code=403, detail="无权修改他人帖子")
+            
+            if update_data.title is not None:
+                post["title"] = update_data.title
+            if update_data.content is not None:
+                post["content"] = update_data.content
+            if update_data.cover_image is not None:
+                post["cover_image"] = update_data.cover_image
+            if update_data.images is not None:
+                post["images"] = update_data.images[:9]
+            
+            db.save_data("posts.json", posts_db)
+            return {"status": "success"}
     
-    post = posts_db[post_idx]
+    raise HTTPException(status_code=404, detail="帖子不存在")
+
+@router.delete("/api/posts/{post_id}")
+async def delete_post(post_id: str, current_user: str = Depends(require_auth)):
+    """
+    删除帖子（仅作者可操作）
+    """
+    posts_db = db.load_data("posts.json", default_data=[])
     
-    # 权限校验：只有作者可以修改
-    if author and post.get("author") != author:
-        raise HTTPException(status_code=403, detail="无权修改此帖子")
+    for i, post in enumerate(posts_db):
+        if post["id"] == post_id:
+            if post.get("author") != current_user:
+                raise HTTPException(status_code=403, detail="无权删除他人帖子")
+            
+            posts_db.pop(i)
+            db.save_data("posts.json", posts_db)
+            return {"status": "success"}
     
-    # 更新字段
-    for k, v in update_data.dict(exclude_unset=True).items():
-        if v is not None:
-            post[k] = v
+    raise HTTPException(status_code=404, detail="帖子不存在")
+
+# ==========================================
+# ❤️ 互动接口（点赞/收藏）
+# ==========================================
+
+@router.post("/api/posts/{post_id}/like")
+async def toggle_like(post_id: str, current_user: str = Depends(require_auth)):
+    """
+    点赞/取消点赞
+    """
+    posts_db = db.load_data("posts.json", default_data=[])
     
-    post["updatedAt"] = int(time.time())
-    db.save_data("posts.json", posts_db)
+    for post in posts_db:
+        if post["id"] == post_id:
+            liked_by = post.get("liked_by", [])
+            
+            if current_user in liked_by:
+                liked_by.remove(current_user)
+                post["likes"] = max(0, post.get("likes", 0) - 1)
+                action = "unliked"
+            else:
+                liked_by.append(current_user)
+                post["likes"] = post.get("likes", 0) + 1
+                action = "liked"
+            
+            post["liked_by"] = liked_by
+            db.save_data("posts.json", posts_db)
+            
+            return {"status": "success", "action": action, "likes": post["likes"]}
     
-    return {"status": "success", "data": post}
+    raise HTTPException(status_code=404, detail="帖子不存在")
 
+@router.post("/api/posts/{post_id}/favorite")
+async def toggle_favorite(post_id: str, current_user: str = Depends(require_auth)):
+    """
+    收藏/取消收藏
+    """
+    posts_db = db.load_data("posts.json", default_data=[])
+    
+    for post in posts_db:
+        if post["id"] == post_id:
+            favorited_by = post.get("favorited_by", [])
+            
+            if current_user in favorited_by:
+                favorited_by.remove(current_user)
+                post["favorites"] = max(0, post.get("favorites", 0) - 1)
+                action = "unfavorited"
+            else:
+                favorited_by.append(current_user)
+                post["favorites"] = post.get("favorites", 0) + 1
+                action = "favorited"
+            
+            post["favorited_by"] = favorited_by
+            db.save_data("posts.json", posts_db)
+            
+            return {"status": "success", "action": action, "favorites": post["favorites"]}
+    
+    raise HTTPException(status_code=404, detail="帖子不存在")
 
 # ==========================================
-# 🗑️ 删除帖子
+# 🎁 打赏接口
 # ==========================================
-@router.delete("/api/posts/{post_id}")
-async def delete_post(post_id: str, author: str = None):
+
+@router.post("/api/posts/{post_id}/tip")
+async def tip_post(post_id: str, amount: int, is_anon: bool = False, current_user: str = Depends(require_auth)):
     """
-    删除帖子
+    打赏帖子
     """
+    if amount <= 0:
+        raise HTTPException(status_code=400, detail="打赏金额必须大于0")
+    
     posts_db = db.load_data("posts.json", default_data=[])
+    users_db = db.load_data("users.json", default_data=[])
     
-    post_idx = next((i for i, p in enumerate(posts_db) if p.get("id") == post_id), None)
-    if post_idx is None:
+    # 查找帖子
+    target_post = None
+    for post in posts_db:
+        if post["id"] == post_id:
+            target_post = post
+            break
+    
+    if not target_post:
         raise HTTPException(status_code=404, detail="帖子不存在")
     
-    post = posts_db[post_idx]
+    # 不能打赏自己
+    if target_post.get("author") == current_user:
+        raise HTTPException(status_code=400, detail="不能打赏自己的帖子")
+    
+    # 检查余额
+    tipper = None
+    for u in users_db:
+        if u["account"] == current_user:
+            tipper = u
+            break
+    
+    if not tipper or tipper.get("balance", 0) < amount:
+        raise HTTPException(status_code=400, detail="余额不足")
     
-    # 权限校验
-    if author and post.get("author") != author:
-        raise HTTPException(status_code=403, detail="无权删除此帖子")
+    # 扣款
+    tipper["balance"] = tipper.get("balance", 0) - amount
+    
+    # 给作者加钱
+    for u in users_db:
+        if u["account"] == target_post.get("author"):
+            u["balance"] = u.get("balance", 0) + amount
+            break
+    
+    # 更新打赏榜单
+    tip_board = target_post.get("tip_board", [])
+    existing = next((t for t in tip_board if t["account"] == current_user), None)
+    if existing:
+        existing["amount"] += amount
+    else:
+        tip_board.append({
+            "account": current_user,
+            "amount": amount,
+            "is_anon": is_anon
+        })
+    
+    # 按金额排序
+    tip_board.sort(key=lambda x: x["amount"], reverse=True)
+    target_post["tip_board"] = tip_board
     
-    posts_db.pop(post_idx)
     db.save_data("posts.json", posts_db)
+    db.save_data("users.json", users_db)
     
-    return {"status": "success", "message": "帖子已删除"}
-
+    return {"status": "success", "message": f"成功打赏 {amount} 积分"}
 
 # ==========================================
-# ❤️ 点赞/收藏操作
+# 💬 评论接口（复用通用评论系统）
 # ==========================================
-@router.post("/api/posts/interaction")
-async def toggle_interaction(req: PostInteraction):
+
+@router.get("/api/posts/{post_id}/comments")
+async def get_post_comments(post_id: str):
     """
-    点赞或收藏帖子
-    
-    请求参数：
-        - post_id: 帖子ID
-        - user_id: 用户账号
-        - action_type: like / favorite
-        - is_active: True=添加, False=取消
+    获取帖子评论
     """
-    posts_db = db.load_data("posts.json", default_data=[])
-    users_db = db.load_data("users.json", default_data={})
+    comments_db = db.load_data("comments.json", default_data=[])
+    users_db = db.load_data("users.json", default_data=[])
     
-    post_idx = next((i for i, p in enumerate(posts_db) if p.get("id") == req.post_id), None)
-    if post_idx is None:
-        raise HTTPException(status_code=404, detail="帖子不存在")
+    user_map = {u["account"]: u for u in users_db}
     
-    post = posts_db[post_idx]
-    
-    if req.action_type == "like":
-        liked_by = post.get("likedBy", [])
-        if req.is_active and req.user_id not in liked_by:
-            liked_by.append(req.user_id)
-            post["likes"] = post.get("likes", 0) + 1
-        elif not req.is_active and req.user_id in liked_by:
-            liked_by.remove(req.user_id)
-            post["likes"] = max(0, post.get("likes", 0) - 1)
-        post["likedBy"] = liked_by
-        
-    elif req.action_type == "favorite":
-        favorited_by = post.get("favoritedBy", [])
-        if req.is_active and req.user_id not in favorited_by:
-            favorited_by.append(req.user_id)
-            post["favorites"] = post.get("favorites", 0) + 1
-            # 同步到用户收藏列表
-            user = users_db.get(req.user_id, {})
-            user_favs = user.get("favorited_posts", [])
-            if req.post_id not in user_favs:
-                user_favs.append(req.post_id)
-                user["favorited_posts"] = user_favs
-                users_db[req.user_id] = user
-                db.save_data("users.json", users_db)
-        elif not req.is_active and req.user_id in favorited_by:
-            favorited_by.remove(req.user_id)
-            post["favorites"] = max(0, post.get("favorites", 0) - 1)
-            # 从用户收藏列表移除
-            user = users_db.get(req.user_id, {})
-            user_favs = user.get("favorited_posts", [])
-            if req.post_id in user_favs:
-                user_favs.remove(req.post_id)
-                user["favorited_posts"] = user_favs
-                users_db[req.user_id] = user
-                db.save_data("users.json", users_db)
-        post["favoritedBy"] = favorited_by
+    # 过滤该帖子的评论
+    post_comments = [c for c in comments_db if c.get("target_id") == post_id and c.get("target_type") == "post"]
     
-    db.save_data("posts.json", posts_db)
+    # 附加用户信息
+    result = []
+    for c in post_comments:
+        author_info = user_map.get(c.get("author"), {})
+        result.append({
+            **c,
+            "author_name": author_info.get("name", c.get("author")),
+            "author_avatar": author_info.get("avatar", "")
+        })
     
-    return {
-        "status": "success",
-        "data": {
-            "likes": post.get("likes", 0),
-            "favorites": post.get("favorites", 0),
-            "isLiked": req.user_id in post.get("likedBy", []),
-            "isFavorited": req.user_id in post.get("favoritedBy", [])
-        }
-    }
-
+    return {"status": "success", "data": result}
 
-# ==========================================
-# 📊 获取用户的帖子列表
-# ==========================================
-@router.get("/api/posts/user/{account}")
-async def get_user_posts(account: str):
+@router.post("/api/posts/{post_id}/comments")
+async def add_post_comment(post_id: str, content: str, current_user: str = Depends(require_auth)):
     """
-    获取指定用户发布的帖子
+    添加帖子评论
     """
+    if not content or not content.strip():
+        raise HTTPException(status_code=400, detail="评论内容不能为空")
+    
     posts_db = db.load_data("posts.json", default_data=[])
+    comments_db = db.load_data("comments.json", default_data=[])
+    
+    # 检查帖子是否存在
+    post_exists = any(p["id"] == post_id for p in posts_db)
+    if not post_exists:
+        raise HTTPException(status_code=404, detail="帖子不存在")
     
-    user_posts = [p for p in posts_db if p.get("author") == account]
-    user_posts.sort(key=lambda x: x.get("createdAt", 0), reverse=True)
+    new_comment = {
+        "id": f"comment_{int(time.time())}_{uuid.uuid4().hex[:6]}",
+        "target_id": post_id,
+        "target_type": "post",
+        "author": current_user,
+        "content": content.strip(),
+        "created_at": int(time.time())
+    }
+    
+    comments_db.insert(0, new_comment)
+    db.save_data("comments.json", comments_db)
+    
+    # 更新帖子评论数
+    for post in posts_db:
+        if post["id"] == post_id:
+            post["comments"] = post.get("comments", 0) + 1
+            break
+    db.save_data("posts.json", posts_db)
     
-    return {"status": "success", "data": user_posts}
+    return {"status": "success", "data": new_comment}

router_tasks.py

@@ -1,1411 +1,1028 @@
-# router_tasks.py
+# 云端Space代码/router_tasks.py
 # ==========================================
-# 📝 任务榜路由模块
+# 📝 任务榜API路由
 # ==========================================
-# 作用：处理任务榜的发布、申请、指派、提交、验收等功能
-# 关联文件：
-#   - 数据库连接.py (JSON数据库读写 tasks.json)
-#   - models.py (TaskCreate, TaskApply, TaskAssign 等)
-#   - router_wallet.py (订金/尾款支付)
-# 前端调用：
-#   - 任务榜列表组件.js (获取任务列表)
-#   - 任务榜发布组件.js (发布新任务)
-#   - 任务榜详情组件.js (任务详情、申请/指派/提交/验收)
-# ==========================================
-# P2 增强功能：
-#   - 余额预检与冻结
-#   - 交易明细记录
-#   - 过期自动退款
+# 功能：任务发布、接单、提交、验收、申诉全流程
+# 状态：open → in_progress → submitted → completed/disputed
+# 💳 P6支付增强：
+#   - 发布时冻结全额，避免支付不足
+#   - 记录每笔交易流水
+#   - 超时自动退款
 #   - 支付通知推送
-# P3 增强功能：
-#   - 验收申诉机制
-#   - 管理员仲裁
-#   - 争议资金分配
 # ==========================================
 
-from fastapi import APIRouter, HTTPException
-import 数据库连接 as db
-from models import TaskCreate, TaskUpdate, TaskApply, TaskAssign, TaskSubmit, TaskAccept, TaskDispute, TaskDisputeResponse, TaskDisputeResolve
+from fastapi import APIRouter, HTTPException, Depends, Query
+from sqlalchemy.orm import Session
+from models import TaskCreate, TaskUpdate, TaskApply, TaskAssign, TaskSubmit, TaskAccept
+from 数据库连接 import db
+from 安全认证 import require_auth
+from notifications import add_notification
+from database_sql import get_db
+from models_sql import Wallet, Transaction
 import time
 import uuid
-from datetime import datetime
+import hashlib
+import logging
 
-# 创建子路由实例
 router = APIRouter()
 
+# 📝 审计日志
+logger = logging.getLogger("ComfyUI-Ranking.Tasks")
 
 # ==========================================
-# 💰 P2增强：交易明细记录辅助函数
+# 💳 交易记录工具函数
 # ==========================================
-def _record_transaction(account: str, tx_type: str, amount: int, related_task_id: str = None, 
-                        target_account: str = None, note: str = ""):
+def calculate_tx_hash(tx_id, account, tx_type, amount, prev_hash):
+    data = f"{tx_id}{account}{tx_type}{amount}{prev_hash}"
+    return hashlib.sha256(data.encode()).hexdigest()
+
+def create_task_transaction(db_session: Session, account: str, tx_type: str, amount: int, related_account: str = None, task_id: str = None):
     """
-    记录交易明细
-    
-    tx_type 类型:
-        - task_freeze: 发布任务冻结
-        - task_unfreeze: 取消任务解冻
-        - deposit_pay: 支付订金
-        - deposit_receive: 收到订金
-        - final_pay: 支付尾款
-        - final_receive: 收到尾款
-        - task_refund: 任务退款
-        - expired_refund: 过期退款
+    创建任务相关交易记录
+    tx_type: TASK_FREEZE, TASK_DEPOSIT, TASK_PAYMENT, TASK_INCOME, TASK_REFUND
     """
-    transactions_db = db.load_data("transactions.json", default_data=[])
-    
-    transaction = {
-        "id": f"tx_{uuid.uuid4().hex[:12]}",
-        "account": account,
-        "type": tx_type,
-        "amount": amount,
-        "related_task_id": related_task_id,
-        "target_account": target_account,
-        "note": note,
-        "createdAt": int(time.time())
-    }
-    
-    transactions_db.insert(0, transaction)
-    db.save_data("transactions.json", transactions_db)
+    tx_id = f"TASK_{tx_type}_{int(time.time())}_{uuid.uuid4().hex[:6]}"
+    
+    last_tx = db_session.query(Transaction).filter(Transaction.account == account).order_by(Transaction.created_at.desc()).first()
+    prev_hash = last_tx.tx_hash if last_tx else "GENESIS_HASH"
+    tx_hash = calculate_tx_hash(tx_id, account, tx_type, amount, prev_hash)
+    
+    new_tx = Transaction(
+        tx_id=tx_id,
+        account=account,
+        tx_type=tx_type,
+        amount=amount,
+        related_account=related_account,
+        item_id=task_id,  # 复用 item_id 字段存储任务ID
+        prev_hash=prev_hash,
+        tx_hash=tx_hash
+    )
+    db_session.add(new_tx)
     
-    return transaction
+    logger.info(f"TASK_TX | type={tx_type} | account={account} | amount={amount} | task={task_id} | tx={tx_id}")
+    return tx_id
 
+# ==========================================
+# 📋 任务状态常量
+# ==========================================
+TASK_STATUS = {
+    "open": "开放接单",
+    "in_progress": "进行中",
+    "submitted": "待验收",
+    "completed": "已完成",
+    "disputed": "争议中",
+    "cancelled": "已取消",
+    "expired": "已过期"
+}
+
+# ==========================================
+# 📝 任务CRUD接口
+# ==========================================
 
-def _send_task_notification(account: str, title: str, content: str, task_id: str = None):
+# ==========================================
+# 🔄 过期任务自动处理 + 自动退款
+# ==========================================
+import datetime
+
+def check_and_update_expired_tasks(tasks_db, db_session=None):
     """
-    发送任务相关的系统通知
+    检查并更新过期任务状态
+    - open 状态且超过截止日期：自动取消，退还冻结金额
+    - in_progress 状态且超过截止日期：标记为过期（不自动取消，需双方处理）
+    💳 P6支付增强：过期时自动退款
     """
-    messages_db = db.load_data("messages.json", default_data={})
-    
-    if account not in messages_db:
-        messages_db[account] = []
+    today = datetime.date.today().isoformat()  # "2026-03-30"
+    updated = False
+    refund_tasks = []  # 需要退款的任务
     
-    notification = {
-        "id": f"msg_{uuid.uuid4().hex[:8]}",
-        "type": "task_notification",
-        "title": title,
-        "content": content,
-        "related_task_id": task_id,
-        "timestamp": int(time.time()),
-        "read": False
-    }
-    
-    messages_db[account].insert(0, notification)
-    db.save_data("messages.json", messages_db)
+    for task in tasks_db:
+        deadline = task.get("deadline", "")
+        status = task.get("status", "")
+        
+        if not deadline:
+            continue
+            
+        # 检查是否过期
+        if deadline < today:
+            if status == "open":
+                # 开放接单状态且过期：自动取消，退还冻结金额
+                task["status"] = "expired"
+                task["expired_at"] = int(time.time())
+                updated = True
+                
+                # 💳 记录需要退款的任务
+                frozen_amount = task.get("frozen_amount", task.get("total_price", 0))
+                if frozen_amount > 0:
+                    refund_tasks.append({
+                        "task_id": task["id"],
+                        "publisher": task.get("publisher"),
+                        "amount": frozen_amount,
+                        "title": task.get("title", "")
+                    })
+                    task["refunded"] = True
+                    task["refund_amount"] = frozen_amount
+                    
+            elif status == "in_progress":
+                # 进行中且过期：标记过期但不取消
+                task["is_overdue"] = True
+                updated = True
+    
+    # 💳 执行退款操作
+    if refund_tasks and db_session:
+        for refund in refund_tasks:
+            try:
+                wallet = db_session.query(Wallet).filter(Wallet.account == refund["publisher"]).with_for_update().first()
+                if wallet:
+                    wallet.frozen_balance = max(0, wallet.frozen_balance - refund["amount"])  # 减少冻结
+                    wallet.balance += refund["amount"]  # 返还余额
+                    
+                    # 记录退款交易
+                    create_task_transaction(
+                        db_session, refund["publisher"], "TASK_REFUND",
+                        refund["amount"], task_id=refund["task_id"]
+                    )
+                    
+                    # 发送退款通知
+                    add_notification(refund["publisher"], {
+                        "type": "task_refund",
+                        "from_user": "system",
+                        "target_item_id": refund["task_id"],
+                        "target_item_title": refund["title"],
+                        "content": f"💰 任务《{refund['title']}》已过期自动取消，{refund['amount']}积分已退还"
+                    })
+                    
+                    logger.info(f"TASK_REFUND | publisher={refund['publisher']} | task={refund['task_id']} | amount={refund['amount']}")
+            except Exception as e:
+                logger.error(f"TASK_REFUND_ERROR | task={refund['task_id']} | error={str(e)}")
+        
+        db_session.commit()
     
-    return notification
+    return updated
 
-
-# ==========================================
-# 📖 获取任务榜列表（仅显示未过期+招募中的任务）
-# ==========================================
 @router.get("/api/tasks")
-async def get_tasks(sort: str = "time", page: int = 1, page_size: int = 20):
+async def get_tasks(
+    page: int = 1, 
+    limit: int = 20, 
+    status: str = None,
+    sort: str = "latest",
+    db_session: Session = Depends(get_db)
+):
     """
-    获取任务列表
-    P2增强：过期自动退款
-    
-    查询参数：
-        - sort: 排序方式 (time=最新, price=价格最高)
-        - page: 页码
-        - page_size: 每页数量
+    获取任务列表（分页）
+    - status: 筛选���态（open/in_progress/completed/expired等）
+    - sort: latest(最新)/price(价格高)/deadline(截止日期近)
     """
     tasks_db = db.load_data("tasks.json", default_data=[])
-    users_db = db.load_data("users.json", default_data={})
-    current_time = int(time.time())
+    users_db = db.load_data("users.json", default_data=[])
     
-    # 过滤：只显示 open 状态且未过期的任务
-    visible_tasks = []
-    users_updated = False
+    # 自动检查并更新过期任务（带自动退款）
+    if check_and_update_expired_tasks(tasks_db, db_session):
+        db.save_data("tasks.json", tasks_db)
     
-    for task in tasks_db:
-        # 检查是否过期
-        deadline_ts = _parse_deadline(task.get("deadline", ""))
-        if deadline_ts and deadline_ts < current_time:
-            # P2增强：过期自动退款
-            if task.get("status") in ["open", "assigned"]:
-                _handle_task_expiry(task, users_db)
-                users_updated = True
-            continue
-        
-        # 只显示招募中的任务
-        if task.get("status") == "open":
-            visible_tasks.append(task)
+    user_map = {u["account"]: u for u in users_db}
     
-    # 保存状态更新
-    db.save_data("tasks.json", tasks_db)
-    if users_updated:
-        db.save_data("users.json", users_db)
+    # 状态筛选（默认排除已取消和过期的）
+    filtered = tasks_db
+    if status:
+        filtered = [t for t in filtered if t.get("status") == status]
+    else:
+        # 默认不显示已取消和过期的任务
+        filtered = [t for t in filtered if t.get("status") not in ["cancelled", "expired"]]
     
     # 排序
     if sort == "price":
-        visible_tasks.sort(key=lambda x: x.get("totalPrice", 0), reverse=True)
-    else:
-        visible_tasks.sort(key=lambda x: x.get("createdAt", 0), reverse=True)
+        filtered = sorted(filtered, key=lambda x: x.get("total_price", 0), reverse=True)
+    elif sort == "deadline":
+        filtered = sorted(filtered, key=lambda x: x.get("deadline", "9999"))
+    else:  # latest
+        filtered = sorted(filtered, key=lambda x: x.get("created_at", 0), reverse=True)
     
     # 分页
-    start = (page - 1) * page_size
-    end = start + page_size
-    paginated = visible_tasks[start:end]
+    start = (page - 1) * limit
+    end = start + limit
+    paged = filtered[start:end]
+    
+    # 附加发布者信息
+    result = []
+    for task in paged:
+        publisher_info = user_map.get(task.get("publisher"), {})
+        result.append({
+            **task,
+            "publisher_name": publisher_info.get("name", task.get("publisher")),
+            "publisher_avatar": publisher_info.get("avatar", ""),
+            "status_text": TASK_STATUS.get(task.get("status"), "未知")
+        })
     
     return {
         "status": "success",
-        "data": paginated,
-        "total": len(visible_tasks),
+        "data": result,
+        "total": len(filtered),
         "page": page,
-        "page_size": page_size
+        "limit": limit
     }
 
-
-def _handle_task_expiry(task: dict, users_db: dict):
-    """
-    P2增强：处理任务过期退款
-    """
-    publisher = task.get("publisher")
-    assignee = task.get("assignee")
-    status = task.get("status")
-    
-    publisher_info = users_db.get(publisher, {})
-    
-    if status == "open":
-        # 招募中过期：解冻全部金额
-        frozen_amount = task.get("frozenAmount", task.get("totalPrice", 0))
-        publisher_info["frozen_balance"] = max(0, publisher_info.get("frozen_balance", 0) - frozen_amount)
-        users_db[publisher] = publisher_info
-        
-        _record_transaction(
-            account=publisher,
-            tx_type="expired_refund",
-            amount=frozen_amount,
-            related_task_id=task.get("id"),
-            note=f"任务过期解冻: {task['title'][:20]}"
-        )
-        
-        _send_task_notification(
-            account=publisher,
-            title="⏰ 任务已过期",
-            content=f"任务『{task['title']}』已过期，冻结的 {frozen_amount} 积分已解冻。",
-            task_id=task.get("id")
-        )
-        
-    elif status == "assigned":
-        # 已指派但未完成过期
-        if task.get("depositPaid"):
-            # 已支付订金：从接单者扣回订金，解冻尾款
-            deposit_amount = task.get("depositAmount", 0)
-            final_payment = task.get("finalPayment", 0)
-            
-            if assignee in users_db:
-                users_db[assignee]["balance"] = max(0, users_db[assignee].get("balance", 0) - deposit_amount)
-            
-            publisher_info["balance"] = publisher_info.get("balance", 0) + deposit_amount
-            publisher_info["frozen_balance"] = max(0, publisher_info.get("frozen_balance", 0) - final_payment)
-            users_db[publisher] = publisher_info
-            
-            _record_transaction(
-                account=publisher,
-                tx_type="expired_refund",
-                amount=deposit_amount,
-                related_task_id=task.get("id"),
-                target_account=assignee,
-                note=f"任务过期收回订金: {task['title'][:20]}"
-            )
-            
-            _send_task_notification(
-                account=publisher,
-                title="⏰ 任务已过期",
-                content=f"任务『{task['title']}』已过期，订金 {deposit_amount} 积分已退回。",
-                task_id=task.get("id")
-            )
-            _send_task_notification(
-                account=assignee,
-                title="⏰ 任务已过期",
-                content=f"任务『{task['title']}』已过期，订金 {deposit_amount} 积分已退回发布者。",
-                task_id=task.get("id")
-            )
-        else:
-            # 未支付订金：解冻全部金额
-            frozen_amount = task.get("frozenAmount", task.get("totalPrice", 0))
-            publisher_info["frozen_balance"] = max(0, publisher_info.get("frozen_balance", 0) - frozen_amount)
-            users_db[publisher] = publisher_info
-            
-            _record_transaction(
-                account=publisher,
-                tx_type="expired_refund",
-                amount=frozen_amount,
-                related_task_id=task.get("id"),
-                note=f"任务过期解冻: {task['title'][:20]}"
-            )
-            
-            _send_task_notification(
-                account=publisher,
-                title="⏰ 任务已过期",
-                content=f"任务『{task['title']}』已过期，冻结的 {frozen_amount} 积分已解冻。",
-                task_id=task.get("id")
-            )
-    
-    task["status"] = "expired"
-    task["expiredAt"] = int(time.time())
-
-
-# ==========================================
-# 📖 获取单个任务详情
-# ==========================================
 @router.get("/api/tasks/{task_id}")
-async def get_task_detail(task_id: str):
+async def get_task_detail(task_id: str, current_user: str = None):
     """
     获取任务详情
     """
     tasks_db = db.load_data("tasks.json", default_data=[])
+    users_db = db.load_data("users.json", default_data=[])
     
-    task = next((t for t in tasks_db if t.get("id") == task_id), None)
-    if not task:
-        raise HTTPException(status_code=404, detail="任务不存在")
+    user_map = {u["account"]: u for u in users_db}
     
-    return {"status": "success", "data": task}
-
+    for task in tasks_db:
+        if task["id"] == task_id:
+            publisher_info = user_map.get(task.get("publisher"), {})
+            assignee_info = user_map.get(task.get("assignee"), {}) if task.get("assignee") else None
+            
+            # 构建申请者列表（带用户信息）
+            applicants_with_info = []
+            for app in task.get("applicants", []):
+                app_user = user_map.get(app.get("account"), {})
+                applicants_with_info.append({
+                    **app,
+                    "name": app_user.get("name", app.get("account")),
+                    "avatar": app_user.get("avatar", "")
+                })
+            
+            return {
+                "status": "success",
+                "data": {
+                    **task,
+                    "publisher_name": publisher_info.get("name", task.get("publisher")),
+                    "publisher_avatar": publisher_info.get("avatar", ""),
+                    "assignee_name": assignee_info.get("name") if assignee_info else None,
+                    "assignee_avatar": assignee_info.get("avatar") if assignee_info else None,
+                    "applicants": applicants_with_info,
+                    "status_text": TASK_STATUS.get(task.get("status"), "未知")
+                }
+            }
+    
+    raise HTTPException(status_code=404, detail="任务不存在")
 
-# ==========================================
-# ✏️ 发布新任务（P2增强：余额预检+冻结）
-# ==========================================
 @router.post("/api/tasks")
-async def create_task(task_data: TaskCreate):
+async def create_task(task: TaskCreate, current_user: str = Depends(require_auth), db_session: Session = Depends(get_db)):
     """
     发布新任务
-    P2增强：发布时预检余额并冻结总金额
+    💳 P6支付增强：发布时冻结全额，避免支付时余额不足
     """
     tasks_db = db.load_data("tasks.json", default_data=[])
-    users_db = db.load_data("users.json", default_data={})
     
-    # 获取发布者信息
-    publisher_info = users_db.get(task_data.publisher, {})
+    # 验证订金比例
+    if task.depositRatio not in [10, 20, 30, 50]:
+        raise HTTPException(status_code=400, detail="订金比例必须是 10/20/30/50 之一")
     
-    # 💰 P2增强：余额预检
-    current_balance = publisher_info.get("balance", 0)
-    frozen_balance = publisher_info.get("frozen_balance", 0)
-    available_balance = current_balance - frozen_balance
+    # 验证价格
+    if task.totalPrice < 10:
+        raise HTTPException(status_code=400, detail="任务价格不能低于10积分")
     
-    if available_balance < task_data.totalPrice:
-        raise HTTPException(
-            status_code=400, 
-            detail=f"可用余额不足！当前可用 {available_balance} 积分，任务需要 {task_data.totalPrice} 积分"
-        )
+    # 💳 使用SQL钱包检查余额并冻结
+    wallet = db_session.query(Wallet).filter(Wallet.account == current_user).with_for_update().first()
+    if not wallet:
+        wallet = Wallet(account=current_user, balance=0)
+        db_session.add(wallet)
+        db_session.flush()
     
-    # 计算订金和尾款
-    deposit_amount = int(task_data.totalPrice * task_data.depositRatio / 100)
-    final_payment = task_data.totalPrice - deposit_amount
+    if wallet.balance < task.totalPrice:
+        raise HTTPException(status_code=400, detail=f"余额不足，需要{task.totalPrice}积分，当前{wallet.balance}积分")
     
-    # 💰 P2增强：冻结总金额
-    publisher_info["frozen_balance"] = frozen_balance + task_data.totalPrice
-    users_db[task_data.publisher] = publisher_info
-    db.save_data("users.json", users_db)
+    # 💳 冻结全额（从余额转移到冻结余额）
+    wallet.balance -= task.totalPrice
+    wallet.frozen_balance += task.totalPrice
     
-    # 记录冻结交易
-    _record_transaction(
-        account=task_data.publisher,
-        tx_type="task_freeze",
-        amount=task_data.totalPrice,
-        note=f"发布任务冻结: {task_data.title[:20]}"
-    )
+    # 计算订金金额
+    deposit_amount = int(task.totalPrice * task.depositRatio / 100)
+    
+    task_id = f"task_{int(time.time())}_{uuid.uuid4().hex[:6]}"
     
-    # 构建新任务对象
-    task_id = f"task_{uuid.uuid4().hex[:12]}"
     new_task = {
         "id": task_id,
-        "type": "task",
-        "title": task_data.title,
-        "description": task_data.description,
-        "referenceImages": task_data.referenceImages or [],
-        "referenceLink": task_data.referenceLink or "",
-        
-        # 💰 价格与订金
-        "totalPrice": task_data.totalPrice,
-        "depositRatio": task_data.depositRatio,
-        "depositAmount": deposit_amount,
-        "finalPayment": final_payment,
-        "frozenAmount": task_data.totalPrice,  # P2: 记录冻结金额
-        
-        # ⏰ 时间控制
-        "deadline": task_data.deadline,
-        "createdAt": int(time.time()),
-        
-        # 👤 参与者
-        "publisher": task_data.publisher,
-        "publisherName": publisher_info.get("name", task_data.publisher),
-        "publisherAvatar": publisher_info.get("avatarDataUrl", ""),
-        "applicants": [],           # 申请者列表 [{account, name, avatar, message, appliedAt}]
-        "assignee": None,           # 被选中的接单者
-        "assigneeName": None,
-        "assigneeAvatar": None,
-        
-        # 📊 状态机
-        "status": "open",           # open/assigned/in_progress/submitted/completed/expired/cancelled
-        "depositPaid": False,       # 订金已支付
-        "finalPaid": False,         # 尾款已支付
-        
-        # 📁 交付物
-        "deliverables": [],         # 接单者提交的成果
-        "deliverNote": "",          # 交付备注
-        "publisherFeedback": ""     # 发布者反馈
+        "title": task.title,
+        "description": task.description,
+        "reference_images": (task.referenceImages or [])[:6],
+        "reference_link": task.referenceLink,
+        "total_price": task.totalPrice,
+        "deposit_ratio": task.depositRatio,
+        "deposit_amount": deposit_amount,
+        "deadline": task.deadline,
+        "publisher": current_user,
+        "status": "open",
+        "created_at": int(time.time()),
+        # 接单相关
+        "applicants": [],           # 申请接单的用户列表
+        "assignee": None,           # 指派的接单者
+        "assigned_at": None,        # 指派时间
+        # 交付相关
+        "deliverables": [],         # 提交的成果
+        "submit_note": None,        # 提交备注
+        "submitted_at": None,       # 提交时间
+        # 验收相关
+        "completed_at": None,       # 完成时间
+        "feedback": None,           # 验收反馈
+        # 申诉相关
+        "dispute_id": None,         # 关联的申诉ID
+        # 💳 支付状态
+        "frozen_amount": task.totalPrice  # 已冻结金额
     }
     
     tasks_db.insert(0, new_task)
     db.save_data("tasks.json", tasks_db)
     
-    return {"status": "success", "data": new_task, "message": f"任务发布成功，已冻结 {task_data.totalPrice} 积分"}
-
-
-# ==========================================
-# 🙋 申请接单
-# ==========================================
-@router.post("/api/tasks/apply")
-async def apply_task(req: TaskApply):
-    """
-    接单者申请接单
-    """
-    tasks_db = db.load_data("tasks.json", default_data=[])
-    users_db = db.load_data("users.json", default_data={})
-    
-    task_idx = next((i for i, t in enumerate(tasks_db) if t.get("id") == req.task_id), None)
-    if task_idx is None:
-        raise HTTPException(status_code=404, detail="任务不存在")
-    
-    task = tasks_db[task_idx]
-    
-    # 状态检查
-    if task.get("status") != "open":
-        raise HTTPException(status_code=400, detail="任务不在招募中")
-    
-    # 不能申请自己发布的任务
-    if task.get("publisher") == req.applicant:
-        raise HTTPException(status_code=400, detail="不能申请自己发布的任务")
-    
-    # 检查是否已申请
-    applicants = task.get("applicants", [])
-    if any(a.get("account") == req.applicant for a in applicants):
-        raise HTTPException(status_code=400, detail="您已申请过此任务")
-    
-    # 获取申请者信息
-    applicant_info = users_db.get(req.applicant, {})
-    
-    # 添加申请
-    applicants.append({
-        "account": req.applicant,
-        "name": applicant_info.get("name", req.applicant),
-        "avatar": applicant_info.get("avatarDataUrl", ""),
-        "message": req.message or "",
-        "appliedAt": int(time.time())
-    })
-    task["applicants"] = applicants
-    
-    db.save_data("tasks.json", tasks_db)
+    # 💳 记录冻结交易
+    create_task_transaction(
+        db_session, current_user, "TASK_FREEZE", 
+        -task.totalPrice, task_id=task_id
+    )
+    db_session.commit()
     
-    # TODO: 发送通知给发布者
+    logger.info(f"TASK_CREATE | publisher={current_user} | task={task_id} | price={task.totalPrice} | frozen={task.totalPrice}")
     
-    return {"status": "success", "message": "申请成功，等待发布者选择"}
+    return {"status": "success", "data": new_task, "frozen_amount": task.totalPrice}
 
-
-# ==========================================
-# 👆 发布者指派接单者
-# ==========================================
-@router.post("/api/tasks/assign")
-async def assign_task(req: TaskAssign):
+@router.put("/api/tasks/{task_id}")
+async def update_task(task_id: str, update_data: TaskUpdate, current_user: str = Depends(require_auth)):
     """
-    发布者指派接单者
+    更新任务（仅发布者可操作，且仅在 open 状态时可修改）
     """
     tasks_db = db.load_data("tasks.json", default_data=[])
-    users_db = db.load_data("users.json", default_data={})
-    
-    task_idx = next((i for i, t in enumerate(tasks_db) if t.get("id") == req.task_id), None)
-    if task_idx is None:
-        raise HTTPException(status_code=404, detail="任务不存在")
-    
-    task = tasks_db[task_idx]
-    
-    # 权限校验
-    if task.get("publisher") != req.publisher:
-        raise HTTPException(status_code=403, detail="无权操作此任务")
-    
-    # 状态检查
-    if task.get("status") != "open":
-        raise HTTPException(status_code=400, detail="任务已不在招募中")
-    
-    # 检查指派的人是否在申请列表中
-    applicants = task.get("applicants", [])
-    assignee_info = next((a for a in applicants if a.get("account") == req.assignee), None)
-    if not assignee_info:
-        raise HTTPException(status_code=400, detail="该用户未申请此任务")
-    
-    # 更新任务状态
-    task["assignee"] = req.assignee
-    task["assigneeName"] = assignee_info.get("name", req.assignee)
-    task["assigneeAvatar"] = assignee_info.get("avatar", "")
-    task["status"] = "assigned"  # 等待支付订金
     
-    db.save_data("tasks.json", tasks_db)
-    
-    # P2增强：发送通知给接单者
-    _send_task_notification(
-        account=req.assignee,
-        title="🎉 您已被选中接单",
-        content=f"您已被选中接单任务『{task['title']}』，请等待发布者支付订金后开始工作。",
-        task_id=task["id"]
-    )
+    for task in tasks_db:
+        if task["id"] == task_id:
+            if task.get("publisher") != current_user:
+                raise HTTPException(status_code=403, detail="无权修改他人任务")
+            
+            if task.get("status") != "open":
+                raise HTTPException(status_code=400, detail="只能修改开放状态的任务")
+            
+            if update_data.title is not None:
+                task["title"] = update_data.title
+            if update_data.description is not None:
+                task["description"] = update_data.description
+            if update_data.referenceImages is not None:
+                task["reference_images"] = update_data.referenceImages[:6]
+            if update_data.referenceLink is not None:
+                task["reference_link"] = update_data.referenceLink
+            if update_data.totalPrice is not None:
+                task["total_price"] = update_data.totalPrice
+                task["deposit_amount"] = int(update_data.totalPrice * task["deposit_ratio"] / 100)
+            if update_data.depositRatio is not None and update_data.depositRatio in [10, 20, 30, 50]:
+                task["deposit_ratio"] = update_data.depositRatio
+                task["deposit_amount"] = int(task["total_price"] * update_data.depositRatio / 100)
+            if update_data.deadline is not None:
+                task["deadline"] = update_data.deadline
+            
+            db.save_data("tasks.json", tasks_db)
+            return {"status": "success"}
     
-    return {"status": "success", "message": "已指派接单者，请支付订金"}
+    raise HTTPException(status_code=404, detail="任务不存在")
 
-
-# ==========================================
-# 💰 支付订金（P2增强：从冻结余额扣款+交易记录+通知）
-# ==========================================
-@router.post("/api/tasks/{task_id}/pay_deposit")
-async def pay_deposit(task_id: str, publisher: str):
+@router.delete("/api/tasks/{task_id}")
+async def cancel_task(task_id: str, current_user: str = Depends(require_auth)):
     """
-    发布者支付订金
-    P2增强：从冻结余额中扣除订金
+    取消任务（仅发布者可操作，且仅在 open 状态时可取消）
     """
     tasks_db = db.load_data("tasks.json", default_data=[])
-    users_db = db.load_data("users.json", default_data={})
-    
-    task_idx = next((i for i, t in enumerate(tasks_db) if t.get("id") == task_id), None)
-    if task_idx is None:
-        raise HTTPException(status_code=404, detail="任务不存在")
-    
-    task = tasks_db[task_idx]
-    
-    # 权限校验
-    if task.get("publisher") != publisher:
-        raise HTTPException(status_code=403, detail="无权操作此任务")
-    
-    # 状态检查
-    if task.get("status") != "assigned":
-        raise HTTPException(status_code=400, detail="当前状态不允许支付订金")
-    
-    if task.get("depositPaid"):
-        raise HTTPException(status_code=400, detail="订金已支付")
-    
-    deposit_amount = task.get("depositAmount", 0)
-    assignee = task.get("assignee")
-    publisher_info = users_db.get(publisher, {})
-    
-    # P2增强：从冻结余额中扣除订金
-    frozen_balance = publisher_info.get("frozen_balance", 0)
-    current_balance = publisher_info.get("balance", 0)
-    
-    # 订金从冻结金额中支付（已在发布时冻结）
-    # 扣减实际余额，同时减少冻结金额
-    publisher_info["balance"] = current_balance - deposit_amount
-    publisher_info["frozen_balance"] = frozen_balance - deposit_amount
-    users_db[publisher] = publisher_info
-    
-    # 订金转入接单者账户
-    if assignee not in users_db:
-        users_db[assignee] = {"balance": 0, "frozen_balance": 0}
-    users_db[assignee]["balance"] = users_db[assignee].get("balance", 0) + deposit_amount
-    
-    # 更新任务状态
-    task["depositPaid"] = True
-    task["status"] = "in_progress"
-    task["depositPaidAt"] = int(time.time())
-    
-    db.save_data("tasks.json", tasks_db)
-    db.save_data("users.json", users_db)
-    
-    # P2增强：记录交易明细
-    _record_transaction(
-        account=publisher,
-        tx_type="deposit_pay",
-        amount=deposit_amount,
-        related_task_id=task_id,
-        target_account=assignee,
-        note=f"支付订金: {task['title'][:20]}"
-    )
-    _record_transaction(
-        account=assignee,
-        tx_type="deposit_receive",
-        amount=deposit_amount,
-        related_task_id=task_id,
-        target_account=publisher,
-        note=f"收到订金: {task['title'][:20]}"
-    )
     
-    # P2增强：发送通知
-    _send_task_notification(
-        account=assignee,
-        title="💰 订金已到账",
-        content=f"任务『{task['title']}』的订金 {deposit_amount} 积分已到账，请尽快开始工作！",
-        task_id=task_id
-    )
+    for task in tasks_db:
+        if task["id"] == task_id:
+            if task.get("publisher") != current_user:
+                raise HTTPException(status_code=403, detail="无权取消他人任务")
+            
+            if task.get("status") != "open":
+                raise HTTPException(status_code=400, detail="只能取消开放状态的任务")
+            
+            task["status"] = "cancelled"
+            db.save_data("tasks.json", tasks_db)
+            return {"status": "success"}
     
-    return {"status": "success", "message": f"订金 {deposit_amount} 积分已支付，任务开始进行"}
-
+    raise HTTPException(status_code=404, detail="任务不存在")
 
 # ==========================================
-# 📤 接单者提交成果
+# 🙋 申请接单
 # ==========================================
-@router.post("/api/tasks/submit")
-async def submit_deliverables(req: TaskSubmit):
+
+@router.post("/api/tasks/{task_id}/apply")
+async def apply_task(task_id: str, message: str = None, current_user: str = Depends(require_auth)):
     """
-    接单者提交成果
+    申请接单
     """
     tasks_db = db.load_data("tasks.json", default_data=[])
     
-    task_idx = next((i for i, t in enumerate(tasks_db) if t.get("id") == req.task_id), None)
-    if task_idx is None:
-        raise HTTPException(status_code=404, detail="任务不存在")
-    
-    task = tasks_db[task_idx]
-    
-    # 权限校验
-    if task.get("assignee") != req.assignee:
-        raise HTTPException(status_code=403, detail="您不是此任务的接单者")
-    
-    # 状态检查
-    if task.get("status") != "in_progress":
-        raise HTTPException(status_code=400, detail="当前状态不允许提交成果")
-    
-    # 更新交付物
-    task["deliverables"] = req.deliverables
-    task["deliverNote"] = req.note or ""
-    task["status"] = "submitted"
-    task["submittedAt"] = int(time.time())
-    
-    db.save_data("tasks.json", tasks_db)
-    
-    # P2增强：发送通知给发布者
-    _send_task_notification(
-        account=task.get("publisher"),
-        title="📥 任务成果已提交",
-        content=f"接单者已提交任务『{task['title']}』的成果，请查看并验收。",
-        task_id=req.task_id
-    )
+    for task in tasks_db:
+        if task["id"] == task_id:
+            if task.get("status") != "open":
+                raise HTTPException(status_code=400, detail="该任务不在开放接单状态")
+            
+            if task.get("publisher") == current_user:
+                raise HTTPException(status_code=400, detail="不能申请自己发布的任务")
+            
+            # 检查是否已申请
+            applicants = task.get("applicants", [])
+            if any(a["account"] == current_user for a in applicants):
+                raise HTTPException(status_code=400, detail="您已申请过该任务")
+            
+            # 添加申请
+            applicants.append({
+                "account": current_user,
+                "message": message or "",
+                "applied_at": int(time.time())
+            })
+            task["applicants"] = applicants
+            
+            db.save_data("tasks.json", tasks_db)
+            
+            # 🔔 通知发布者：有人申请接单
+            add_notification(task.get("publisher"), {
+                "type": "task_apply",
+                "from_user": current_user,
+                "target_item_id": task_id,
+                "target_item_title": task.get("title", ""),
+                "content": f"申请了您的任务《{task.get('title', '')}》"
+            })
+            
+            return {"status": "success", "message": "申请成功，等待发布者选择"}
     
-    return {"status": "success", "message": "成果已提交，等待发布者验收"}
+    raise HTTPException(status_code=404, detail="任务不存在")
 
-
-# ==========================================
-# ✅ 发布者验收（P2增强：从冻结余额支付尾款+交易记录+通知）
-# ==========================================
-@router.post("/api/tasks/accept")
-async def accept_task(req: TaskAccept):
+@router.delete("/api/tasks/{task_id}/apply")
+async def cancel_apply(task_id: str, current_user: str = Depends(require_auth)):
     """
-    发布者验收成果
-    P2增强：尾款从冻结余额支付
+    取消申请接单
     """
     tasks_db = db.load_data("tasks.json", default_data=[])
-    users_db = db.load_data("users.json", default_data={})
-    
-    task_idx = next((i for i, t in enumerate(tasks_db) if t.get("id") == req.task_id), None)
-    if task_idx is None:
-        raise HTTPException(status_code=404, detail="任务不存在")
-    
-    task = tasks_db[task_idx]
-    
-    # 权限校验
-    if task.get("publisher") != req.publisher:
-        raise HTTPException(status_code=403, detail="无权操作此任务")
     
-    # 状态检查
-    if task.get("status") != "submitted":
-        raise HTTPException(status_code=400, detail="当前状态不允许验收")
-    
-    task["publisherFeedback"] = req.feedback or ""
-    publisher = task.get("publisher")
-    assignee = task.get("assignee")
-    
-    if req.is_accepted:
-        # 验收通过：支付尾款
-        final_payment = task.get("finalPayment", 0)
-        publisher_info = users_db.get(publisher, {})
-        
-        # P2增强：尾款从冻结余额中支付
-        frozen_balance = publisher_info.get("frozen_balance", 0)
-        current_balance = publisher_info.get("balance", 0)
-        
-        # 扣减实际余额，同时减少冻结金额
-        publisher_info["balance"] = current_balance - final_payment
-        publisher_info["frozen_balance"] = frozen_balance - final_payment
-        users_db[publisher] = publisher_info
-        
-        # 尾款转入接单者账户
-        if assignee not in users_db:
-            users_db[assignee] = {"balance": 0, "frozen_balance": 0}
-        users_db[assignee]["balance"] = users_db[assignee].get("balance", 0) + final_payment
-        
-        # 更新任务状态
-        task["finalPaid"] = True
-        task["status"] = "completed"
-        task["completedAt"] = int(time.time())
-        
-        db.save_data("users.json", users_db)
-        
-        # P2增强：记录交易明细
-        _record_transaction(
-            account=publisher,
-            tx_type="final_pay",
-            amount=final_payment,
-            related_task_id=req.task_id,
-            target_account=assignee,
-            note=f"支付尾款: {task['title'][:20]}"
-        )
-        _record_transaction(
-            account=assignee,
-            tx_type="final_receive",
-            amount=final_payment,
-            related_task_id=req.task_id,
-            target_account=publisher,
-            note=f"收到尾款: {task['title'][:20]}"
-        )
-        
-        # P2增强：发送通知
-        total_earned = task.get("depositAmount", 0) + final_payment
-        _send_task_notification(
-            account=assignee,
-            title="🎉 任务已完成",
-            content=f"任务『{task['title']}』已验收通过！尾款 {final_payment} 积分已到账，共计收入 {total_earned} 积分。",
-            task_id=req.task_id
-        )
-        
-        message = f"验收通过！尾款 {final_payment} 积分已支付给接单者"
-    else:
-        # 验收不通过：任务回到进行中状态
-        task["status"] = "in_progress"
-        task["deliverables"] = []  # 清空交付物
-        
-        # P2增强：发送通知
-        _send_task_notification(
-            account=assignee,
-            title="⚠️ 验收未通过",
-            content=f"任务『{task['title']}』验收未通过，请查看反馈并重新提交。反馈：{req.feedback or '无'}",
-            task_id=req.task_id
-        )
-        
-        message = "验收不通过，请接单者重新提交"
-    
-    db.save_data("tasks.json", tasks_db)
+    for task in tasks_db:
+        if task["id"] == task_id:
+            if task.get("status") != "open":
+                raise HTTPException(status_code=400, detail="任务已开始，无法取消申请")
+            
+            applicants = task.get("applicants", [])
+            new_applicants = [a for a in applicants if a["account"] != current_user]
+            
+            if len(new_applicants) == len(applicants):
+                raise HTTPException(status_code=400, detail="您未申请该任务")
+            
+            task["applicants"] = new_applicants
+            db.save_data("tasks.json", tasks_db)
+            return {"status": "success"}
     
-    return {"status": "success", "message": message}
-
+    raise HTTPException(status_code=404, detail="任务不存在")
 
 # ==========================================
-# ❌ 取消任务（P2增强：解冻余额+交易记录+通知）
+# 🎯 指派接单者
 # ==========================================
-@router.post("/api/tasks/{task_id}/cancel")
-async def cancel_task(task_id: str, publisher: str):
+
+@router.post("/api/tasks/{task_id}/assign")
+async def assign_task(task_id: str, assignee: str, current_user: str = Depends(require_auth), db_session: Session = Depends(get_db)):
     """
-    发布者取消任务
-    P2增强：取消时解冻余额，退还订金
+    发布者选择接单者
+    💳 P6支付增强：从冻结金额中扣除订金，记录交易
     """
     tasks_db = db.load_data("tasks.json", default_data=[])
-    users_db = db.load_data("users.json", default_data={})
-    
-    task_idx = next((i for i, t in enumerate(tasks_db) if t.get("id") == task_id), None)
-    if task_idx is None:
-        raise HTTPException(status_code=404, detail="任务不存在")
-    
-    task = tasks_db[task_idx]
-    
-    # 权限校验
-    if task.get("publisher") != publisher:
-        raise HTTPException(status_code=403, detail="无权操作此任务")
     
-    status = task.get("status")
-    
-    # 只有 open 和 assigned 状态可以取消
-    if status not in ["open", "assigned"]:
-        raise HTTPException(status_code=400, detail="任务进行中或已完成，无法取消")
-    
-    publisher_info = users_db.get(publisher, {})
-    frozen_amount = task.get("frozenAmount", task.get("totalPrice", 0))
-    assignee = task.get("assignee")
-    
-    # P2增强：解冻余额
-    if status == "open":
-        # 招募中取消：解冻全部金额
-        publisher_info["frozen_balance"] = max(0, publisher_info.get("frozen_balance", 0) - frozen_amount)
-        users_db[publisher] = publisher_info
-        
-        _record_transaction(
-            account=publisher,
-            tx_type="task_unfreeze",
-            amount=frozen_amount,
-            related_task_id=task_id,
-            note=f"取消任务解冻: {task['title'][:20]}"
-        )
-        
-    elif status == "assigned":
-        if task.get("depositPaid"):
-            # 已支付订金：从接单者扣回订金，解冻剩余尾款
-            deposit_amount = task.get("depositAmount", 0)
-            final_payment = task.get("finalPayment", 0)
-            
-            # 从接单者扣除订金
-            if assignee in users_db:
-                users_db[assignee]["balance"] = max(0, users_db[assignee].get("balance", 0) - deposit_amount)
-            
-            # 退还给发布者
-            publisher_info["balance"] = publisher_info.get("balance", 0) + deposit_amount
-            # 解冻剩余尾款
-            publisher_info["frozen_balance"] = max(0, publisher_info.get("frozen_balance", 0) - final_payment)
-            users_db[publisher] = publisher_info
-            
-            # 记录退款交易
-            _record_transaction(
-                account=assignee,
-                tx_type="task_refund",
-                amount=-deposit_amount,
-                related_task_id=task_id,
-                target_account=publisher,
-                note=f"任务取消退回订金: {task['title'][:20]}"
-            )
-            _record_transaction(
-                account=publisher,
-                tx_type="task_refund",
-                amount=deposit_amount,
-                related_task_id=task_id,
-                target_account=assignee,
-                note=f"任务取消收回订金: {task['title'][:20]}"
-            )
+    for task in tasks_db:
+        if task["id"] == task_id:
+            if task.get("publisher") != current_user:
+                raise HTTPException(status_code=403, detail="只有发布者可以指派接单者")
             
-            # 通知接单者
-            _send_task_notification(
-                account=assignee,
-                title="⚠️ 任务已取消",
-                content=f"任务『{task['title']}』已被发布者取消，订金 {deposit_amount} 积分已退回。",
-                task_id=task_id
-            )
-        else:
-            # 未支付订金：解冻全部金额
-            publisher_info["frozen_balance"] = max(0, publisher_info.get("frozen_balance", 0) - frozen_amount)
-            users_db[publisher] = publisher_info
-            
-            _record_transaction(
-                account=publisher,
-                tx_type="task_unfreeze",
-                amount=frozen_amount,
-                related_task_id=task_id,
-                note=f"取消任务解冻: {task['title'][:20]}"
+            if task.get("status") != "open":
+                raise HTTPException(status_code=400, detail="该任务不在开放状态")
+            
+            # 验证接单者是否在申请列表中
+            applicants = task.get("applicants", [])
+            if not any(a["account"] == assignee for a in applicants):
+                raise HTTPException(status_code=400, detail="该用户未申请此任务")
+            
+            deposit = task.get("deposit_amount", 0)
+            
+            # 💳 从冻结金额中扣除订金（订金暂时不给接单者，待任务完成后一起给）
+            wallet = db_session.query(Wallet).filter(Wallet.account == current_user).with_for_update().first()
+            if not wallet or wallet.frozen_balance < deposit:
+                raise HTTPException(status_code=400, detail="冻结余额异常")
+            
+            # 订金从冻结金额中扣除（但还不给接单者，待任务完成后一起支付）
+            wallet.frozen_balance -= deposit
+            
+            # 💳 记录订金支付交易
+            create_task_transaction(
+                db_session, current_user, "TASK_DEPOSIT",
+                -deposit, related_account=assignee, task_id=task_id
             )
             
-            # 通知接单者
-            if assignee:
-                _send_task_notification(
-                    account=assignee,
-                    title="⚠️ 任务已取消",
-                    content=f"任务『{task['title']}』已被发布者取消。",
-                    task_id=task_id
-                )
-    
-    db.save_data("users.json", users_db)
-    
-    task["status"] = "cancelled"
-    task["cancelledAt"] = int(time.time())
-    
-    db.save_data("tasks.json", tasks_db)
+            # 更新任务状态
+            task["assignee"] = assignee
+            task["assigned_at"] = int(time.time())
+            task["status"] = "in_progress"
+            task["deposit_paid"] = deposit  # 💳 记录已支付订金
+            
+            db.save_data("tasks.json", tasks_db)
+            db_session.commit()
+            
+            # 🔔 通知接单者：被指派接单
+            add_notification(assignee, {
+                "type": "task_assigned",
+                "from_user": current_user,
+                "target_item_id": task_id,
+                "target_item_title": task.get("title", ""),
+                "content": f"您已被选为任务《{task.get('title', '')}》的接单者，订金{deposit}积分已缓冲"
+            })
+            
+            logger.info(f"TASK_ASSIGN | publisher={current_user} | assignee={assignee} | task={task_id} | deposit={deposit}")
+            
+            return {"status": "success", "message": f"已指派 {assignee} 接单，订金 {deposit} 积分已开始缓冲"}
     
-    return {"status": "success", "message": "任务已取消"}
-
+    raise HTTPException(status_code=404, detail="任务不存在")
 
 # ==========================================
-# 📊 获取用户相关的任务
+# 📤 提交成果
 # ==========================================
-@router.get("/api/tasks/user/{account}")
-async def get_user_tasks(account: str, role: str = "all"):
+
+@router.post("/api/tasks/{task_id}/submit")
+async def submit_task(task_id: str, deliverables: list, note: str = None, current_user: str = Depends(require_auth)):
     """
-    获取用户发布或参与的任务
-    
-    查询参数：
-        - role: publisher=我发布的, assignee=我接的, all=全部
+    接单者提交成果
     """
     tasks_db = db.load_data("tasks.json", default_data=[])
     
-    user_tasks = []
     for task in tasks_db:
-        is_publisher = task.get("publisher") == account
-        is_assignee = task.get("assignee") == account
-        is_applicant = any(a.get("account") == account for a in task.get("applicants", []))
-        
-        if role == "publisher" and is_publisher:
-            user_tasks.append({**task, "userRole": "publisher"})
-        elif role == "assignee" and (is_assignee or is_applicant):
-            user_tasks.append({**task, "userRole": "assignee" if is_assignee else "applicant"})
-        elif role == "all" and (is_publisher or is_assignee or is_applicant):
-            user_tasks.append({
-                **task, 
-                "userRole": "publisher" if is_publisher else ("assignee" if is_assignee else "applicant")
+        if task["id"] == task_id:
+            if task.get("assignee") != current_user:
+                raise HTTPException(status_code=403, detail="只有接单者可以提交成果")
+            
+            if task.get("status") != "in_progress":
+                raise HTTPException(status_code=400, detail="任务状态不允许提交")
+            
+            if not deliverables:
+                raise HTTPException(status_code=400, detail="请上传交付成果")
+            
+            task["deliverables"] = deliverables
+            task["submit_note"] = note
+            task["submitted_at"] = int(time.time())
+            task["status"] = "submitted"
+            
+            db.save_data("tasks.json", tasks_db)
+            
+            # 🔔 通知发布者：接单者已提交成果
+            add_notification(task.get("publisher"), {
+                "type": "task_submitted",
+                "from_user": current_user,
+                "target_item_id": task_id,
+                "target_item_title": task.get("title", ""),
+                "content": f"已提交任务《{task.get('title', '')}》的成果，请验收"
             })
+            
+            return {"status": "success", "message": "成果已提交，等待发布者验收"}
     
-    user_tasks.sort(key=lambda x: x.get("createdAt", 0), reverse=True)
-    
-    return {"status": "success", "data": user_tasks}
-
-
-# ==========================================
-# 🔧 辅助函数
-# ==========================================
-def _parse_deadline(deadline_str: str) -> int:
-    """
-    解析截止时间字符串为时间戳
-    """
-    if not deadline_str:
-        return 0
-    try:
-        # 尝试多种格式
-        for fmt in ["%Y-%m-%dT%H:%M:%S", "%Y-%m-%d %H:%M:%S", "%Y-%m-%d"]:
-            try:
-                dt = datetime.strptime(deadline_str, fmt)
-                return int(dt.timestamp())
-            except ValueError:
-                continue
-        return 0
-    except:
-        return 0
-
+    raise HTTPException(status_code=404, detail="任务不存在")
 
 # ==========================================
-# 💰 P2增强：获取用户交易明细
+# ✅ 验收成果
 # ==========================================
-@router.get("/api/transactions/user/{account}")
-async def get_user_transactions(account: str, tx_type: str = "all", page: int = 1, page_size: int = 20):
-    """
-    获取用户交易明细
-    
-    查询参数：
-        - tx_type: 交易类型过滤 (all/deposit/final/freeze/refund)
-        - page: 页码
-        - page_size: 每页数量
-    """
-    transactions_db = db.load_data("transactions.json", default_data=[])
-    
-    # 过滤用户交易
-    user_transactions = [t for t in transactions_db if t.get("account") == account]
-    
-    # 按类型��滤
-    if tx_type != "all":
-        type_map = {
-            "deposit": ["deposit_pay", "deposit_receive"],
-            "final": ["final_pay", "final_receive"],
-            "freeze": ["task_freeze", "task_unfreeze"],
-            "refund": ["task_refund", "expired_refund"]
-        }
-        target_types = type_map.get(tx_type, [])
-        if target_types:
-            user_transactions = [t for t in user_transactions if t.get("type") in target_types]
-    
-    # 分页
-    total = len(user_transactions)
-    start = (page - 1) * page_size
-    end = start + page_size
-    paginated = user_transactions[start:end]
-    
-    return {
-        "status": "success",
-        "data": paginated,
-        "total": total,
-        "page": page,
-        "page_size": page_size
-    }
 
-
-# ==========================================
-# 📈 P2增强：获取用户任务收益统计
-# ==========================================
-@router.get("/api/tasks/stats/{account}")
-async def get_task_stats(account: str):
+@router.post("/api/tasks/{task_id}/accept")
+async def accept_task(task_id: str, is_accepted: bool, feedback: str = None, current_user: str = Depends(require_auth), db_session: Session = Depends(get_db)):
     """
-    获取用户任务统计信息
+    发布者验收成果
+    - is_accepted=True: 验收通过，支付尾款给接单者
+    - is_accepted=False: 验收不通过，可以要求修改或发起申诉
+    💳 P6支付增强：使用SQL钱包支付，记录交易流水，发送支付通知
     """
     tasks_db = db.load_data("tasks.json", default_data=[])
-    transactions_db = db.load_data("transactions.json", default_data=[])
-    
-    # 统计任务数量
-    published_tasks = [t for t in tasks_db if t.get("publisher") == account]
-    assigned_tasks = [t for t in tasks_db if t.get("assignee") == account]
-    
-    # 分状态统计
-    published_open = len([t for t in published_tasks if t.get("status") == "open"])
-    published_in_progress = len([t for t in published_tasks if t.get("status") in ["assigned", "in_progress", "submitted"]])
-    published_completed = len([t for t in published_tasks if t.get("status") == "completed"])
-    
-    assigned_in_progress = len([t for t in assigned_tasks if t.get("status") in ["in_progress", "submitted"]])
-    assigned_completed = len([t for t in assigned_tasks if t.get("status") == "completed"])
-    
-    # 统计收入（从交易记录中计算）
-    user_transactions = [t for t in transactions_db if t.get("account") == account]
-    
-    # 任务收入（收到的订金+尾款）
-    task_income = sum(
-        t.get("amount", 0) 
-        for t in user_transactions 
-        if t.get("type") in ["deposit_receive", "final_receive"]
-    )
-    
-    # 任务支出（支付的订金+尾款）
-    task_expense = sum(
-        t.get("amount", 0) 
-        for t in user_transactions 
-        if t.get("type") in ["deposit_pay", "final_pay"]
-    )
     
-    # 冻结金额（当前招募中的任务）
-    frozen_for_tasks = sum(
-        t.get("frozenAmount", t.get("totalPrice", 0)) 
-        for t in published_tasks 
-        if t.get("status") == "open"
-    )
+    for task in tasks_db:
+        if task["id"] == task_id:
+            if task.get("publisher") != current_user:
+                raise HTTPException(status_code=403, detail="只有发布者可以验收")
+            
+            if task.get("status") != "submitted":
+                raise HTTPException(status_code=400, detail="任务状态不允许验收")
+            
+            task["feedback"] = feedback
+            assignee_account = task.get("assignee")
+            total_price = task.get("total_price", 0)
+            deposit = task.get("deposit_paid", task.get("deposit_amount", 0))  # 优先使用已记录的支付订金
+            remaining = total_price - deposit  # 尾款
+            
+            if is_accepted:
+                # 💳 验收通过：支付尾款给接单者
+                publisher_wallet = db_session.query(Wallet).filter(Wallet.account == current_user).with_for_update().first()
+                if not publisher_wallet or publisher_wallet.frozen_balance < remaining:
+                    raise HTTPException(status_code=400, detail="冻结余额不足支付尾款")
+                
+                # 扣除发布者尾款（从冻结余额）
+                publisher_wallet.frozen_balance -= remaining
+                
+                # 给接单者全款（订金+尾款）
+                assignee_wallet = db_session.query(Wallet).filter(Wallet.account == assignee_account).with_for_update().first()
+                if not assignee_wallet:
+                    assignee_wallet = Wallet(account=assignee_account, balance=0)
+                    db_session.add(assignee_wallet)
+                    db_session.flush()
+                
+                assignee_wallet.balance += total_price  # 全款进入可用余额
+                
+                # 💳 记录交易流水
+                # 1. 发布者支付尾款
+                create_task_transaction(
+                    db_session, current_user, "TASK_PAYMENT",
+                    -remaining, related_account=assignee_account, task_id=task_id
+                )
+                # 2. 接单者收入
+                create_task_transaction(
+                    db_session, assignee_account, "TASK_INCOME",
+                    total_price, related_account=current_user, task_id=task_id
+                )
+                
+                task["status"] = "completed"
+                task["completed_at"] = int(time.time())
+                
+                db_session.commit()
+                
+                logger.info(f"TASK_COMPLETE | publisher={current_user} | assignee={assignee_account} | task={task_id} | total={total_price}")
+                message = f"验收通过，已支付 {total_price} 积分给接单者"
+                
+                # 🔔 支付通知：接单者收到款项
+                add_notification(assignee_account, {
+                    "type": "task_payment",
+                    "from_user": current_user,
+                    "target_item_id": task_id,
+                    "target_item_title": task.get("title", ""),
+                    "content": f"💰 任务《{task.get('title', '')}》验收通过，{total_price}积分已到账"
+                })
+            else:
+                # 验收不通过：回到进行中状态，允许修改后重新提交
+                task["status"] = "in_progress"
+                task["deliverables"] = []
+                task["submitted_at"] = None
+                message = "验收不通过，接单者可以修改后重新提交"
+                
+                # 🔔 通知接单者：验收未通过
+                add_notification(assignee_account, {
+                    "type": "task_rejected",
+                    "from_user": current_user,
+                    "target_item_id": task_id,
+                    "target_item_title": task.get("title", ""),
+                    "content": f"任务《{task.get('title', '')}》验收未通过，请修改后重新提交"
+                })
+            
+            db.save_data("tasks.json", tasks_db)
+            
+            return {"status": "success", "message": message}
     
-    return {
-        "status": "success",
-        "data": {
-            # 发布任务统计
-            "published": {
-                "total": len(published_tasks),
-                "open": published_open,
-                "in_progress": published_in_progress,
-                "completed": published_completed
-            },
-            # 接单任务统计
-            "assigned": {
-                "total": len(assigned_tasks),
-                "in_progress": assigned_in_progress,
-                "completed": assigned_completed
-            },
-            # 财务统计
-            "finance": {
-                "task_income": task_income,      # 任务收入
-                "task_expense": task_expense,    # 任务支出
-                "frozen_for_tasks": frozen_for_tasks  # 任务冻结金额
-            }
-        }
-    }
-
+    raise HTTPException(status_code=404, detail="任务不存在")
 
 # ==========================================
-# ⚖️ P3增强：发起申诉
+# ⚖️ 申诉仲裁系统
 # ==========================================
-@router.post("/api/tasks/dispute")
-async def create_dispute(req: TaskDispute):
+import os
+ADMIN_ACCOUNTS = [a.strip() for a in os.getenv("ADMIN_ACCOUNTS", "admin").split(",")]
+
+@router.post("/api/tasks/{task_id}/dispute")
+async def create_dispute(task_id: str, reason: str, evidence: list = None, current_user: str = Depends(require_auth)):
     """
-    发起任务申诉
-    可由发布者或接单者发起
-    
-    触发条件：
-    - 验收不通过后，接单者可在 3 天内发起申诉
-    - 验收通过后，发布者可在 7 天内发起申诉（发现质量问题）
+    发起申诉（发布者或接单者均可）
+    - evidence: 证据图片URL列表（可选）
     """
     tasks_db = db.load_data("tasks.json", default_data=[])
     disputes_db = db.load_data("disputes.json", default_data=[])
-    users_db = db.load_data("users.json", default_data={})
-    
-    # 查找任务
-    task = next((t for t in tasks_db if t.get("id") == req.task_id), None)
-    if not task:
-        raise HTTPException(status_code=404, detail="任务不存在")
-    
-    publisher = task.get("publisher")
-    assignee = task.get("assignee")
-    
-    # 权限校验：只有发布者或接单者可以发起申诉
-    if req.initiator not in [publisher, assignee]:
-        raise HTTPException(status_code=403, detail="您不是该任务的参与者，无法发起申诉")
-    
-    # 状态校验：只有特定状态可以申诉
-    status = task.get("status")
-    
-    # 接单者申诉：验收不���过后可申诉
-    if req.initiator == assignee:
-        if status != "in_progress":  # 验收不通过后任务回到 in_progress
-            raise HTTPException(status_code=400, detail="当前状态不允许申诉，仅在验收不通过后可发起申诉")
-    
-    # 发布者申诉：验收通过后发现问题可申诉
-    if req.initiator == publisher:
-        if status not in ["completed", "in_progress"]:
-            raise HTTPException(status_code=400, detail="当前状态不允许申诉")
-    
-    # 检查是否已有未处理的申诉
-    existing_dispute = next(
-        (d for d in disputes_db if d.get("task_id") == req.task_id and d.get("status") in ["pending", "responded"]), 
-        None
-    )
-    if existing_dispute:
-        raise HTTPException(status_code=400, detail="该任务已有未处理的申诉")
-    
-    # 确定被申诉方
-    respondent = assignee if req.initiator == publisher else publisher
-    respondent_info = users_db.get(respondent, {})
-    initiator_info = users_db.get(req.initiator, {})
     
-    # 创建申诉记录
-    dispute_id = f"dispute_{uuid.uuid4().hex[:12]}"
-    dispute = {
-        "id": dispute_id,
-        "task_id": req.task_id,
-        "task_title": task.get("title", ""),
-        
-        # 申诉方信息
-        "initiator": req.initiator,
-        "initiator_name": initiator_info.get("name", req.initiator),
-        "initiator_avatar": initiator_info.get("avatarDataUrl", ""),
-        "initiator_role": "publisher" if req.initiator == publisher else "assignee",
-        "reason": req.reason,
-        "evidence": req.evidence or [],
-        
-        # 被申诉方信息
-        "respondent": respondent,
-        "respondent_name": respondent_info.get("name", respondent),
-        "respondent_avatar": respondent_info.get("avatarDataUrl", ""),
-        "response": None,
-        "response_evidence": [],
-        "responded_at": None,
-        
-        # 状态与时间
-        "status": "pending",  # pending -> responded -> resolved
-        "created_at": int(time.time()),
-        
-        # 仲裁信息
-        "admin_account": None,
-        "admin_result": None,
-        "admin_note": None,
-        "resolved_at": None,
-        
-        # 涉及金额（争议金额）
-        "disputed_amount": task.get("finalPayment", 0) if status == "in_progress" else task.get("totalPrice", 0)
-    }
-    
-    # 更新任务状态为申诉中
-    task_idx = next((i for i, t in enumerate(tasks_db) if t.get("id") == req.task_id), None)
-    if task_idx is not None:
-        tasks_db[task_idx]["status"] = "disputed"
-        tasks_db[task_idx]["dispute_id"] = dispute_id
-    
-    disputes_db.insert(0, dispute)
-    db.save_data("disputes.json", disputes_db)
-    db.save_data("tasks.json", tasks_db)
-    
-    # 发送通知给被申诉方
-    _send_task_notification(
-        account=respondent,
-        title="⚠️ 您有新的任务申诉",
-        content=f"任务『{task.get('title')}』被发起申诉，请尽快回应。申诉理由：{req.reason[:50]}...",
-        task_id=req.task_id
-    )
-    
-    # 记录交易
-    _record_transaction(
-        account=req.initiator,
-        tx_type="dispute_initiated",
-        amount=0,
-        related_task_id=req.task_id,
-        target_account=respondent,
-        note=f"发起申诉: {task.get('title', '')[:20]}"
-    )
+    for task in tasks_db:
+        if task["id"] == task_id:
+            # 验证权限
+            if current_user not in [task.get("publisher"), task.get("assignee")]:
+                raise HTTPException(status_code=403, detail="只有发布者或接单者可以发起申诉")
+            
+            # 验证状态
+            if task.get("status") not in ["in_progress", "submitted"]:
+                raise HTTPException(status_code=400, detail="当前状态不允许申诉")
+            
+            # 检查是否已有申诉
+            if task.get("dispute_id"):
+                raise HTTPException(status_code=400, detail="该任务已有进行中的申诉")
+            
+            # 确定角色
+            is_publisher = current_user == task.get("publisher")
+            role = "publisher" if is_publisher else "assignee"
+            
+            # 创建申诉
+            dispute = {
+                "id": f"dispute_{int(time.time())}_{uuid.uuid4().hex[:6]}",
+                "task_id": task_id,
+                "task_title": task.get("title", ""),
+                "publisher": task.get("publisher"),
+                "assignee": task.get("assignee"),
+                "initiator": current_user,
+                "initiator_role": role,
+                "reason": reason,
+                "evidence": (evidence or [])[:6],
+                "status": "pending",  # pending/responded/resolved
+                "created_at": int(time.time()),
+                # 被申诉方回应
+                "response": None,
+                "response_evidence": [],
+                "responded_at": None,
+                # 仲裁结果
+                "resolution": None,  # favor_initiator/favor_respondent/split
+                "resolution_ratio": None,  # 分成比例(如果是split)
+                "resolution_note": None,
+                "resolved_by": None,
+                "resolved_at": None
+            }
+            
+            disputes_db.append(dispute)
+            task["status"] = "disputed"
+            task["dispute_id"] = dispute["id"]
+            
+            db.save_data("tasks.json", tasks_db)
+            db.save_data("disputes.json", disputes_db)
+            
+            # 🔔 通知对方：已发起申诉
+            other_party = task.get("assignee") if is_publisher else task.get("publisher")
+            add_notification(other_party, {
+                "type": "task_disputed",
+                "from_user": current_user,
+                "target_item_id": task_id,
+                "target_item_title": task.get("title", ""),
+                "content": f"对任务《{task.get('title', '')}》发起了申诉，请回应"
+            })
+            
+            return {"status": "success", "data": dispute, "message": "申诉已提交，等待对方回应"}
     
-    return {"status": "success", "data": dispute, "message": "申诉已提交，请等待对方回应"}
+    raise HTTPException(status_code=404, detail="任务不存在")
 
-
-# ==========================================
-# ⚖️ P3增强：被申诉方回应
-# ==========================================
-@router.post("/api/tasks/dispute/respond")
-async def respond_dispute(req: TaskDisputeResponse):
+@router.get("/api/disputes/{dispute_id}")
+async def get_dispute_detail(dispute_id: str):
     """
-    被申诉方回应申诉
+    获取申诉详情
     """
     disputes_db = db.load_data("disputes.json", default_data=[])
+    users_db = db.load_data("users.json", default_data=[])
     
-    # 查找申诉
-    dispute_idx = next((i for i, d in enumerate(disputes_db) if d.get("id") == req.dispute_id), None)
-    if dispute_idx is None:
-        raise HTTPException(status_code=404, detail="申诉不存在")
-    
-    dispute = disputes_db[dispute_idx]
+    user_map = {u["account"]: u for u in users_db}
     
-    # 权限校验
-    if dispute.get("respondent") != req.respondent:
-        raise HTTPException(status_code=403, detail="您不是被申诉方，无法回应")
-    
-    # 状态校验
-    if dispute.get("status") != "pending":
-        raise HTTPException(status_code=400, detail="该申诉已回应或已处理")
-    
-    # 更新申诉记录
-    dispute["response"] = req.response
-    dispute["response_evidence"] = req.evidence or []
-    dispute["responded_at"] = int(time.time())
-    dispute["status"] = "responded"
-    
-    disputes_db[dispute_idx] = dispute
-    db.save_data("disputes.json", disputes_db)
-    
-    # 发送通知给申诉方
-    _send_task_notification(
-        account=dispute.get("initiator"),
-        title="📝 申诉已收到回应",
-        content=f"您对任务『{dispute.get('task_title')}』的申诉已收到对方回应，等待管理员仲裁。",
-        task_id=dispute.get("task_id")
-    )
+    for dispute in disputes_db:
+        if dispute["id"] == dispute_id:
+            publisher_info = user_map.get(dispute.get("publisher"), {})
+            assignee_info = user_map.get(dispute.get("assignee"), {})
+            
+            return {
+                "status": "success",
+                "data": {
+                    **dispute,
+                    "publisher_name": publisher_info.get("name", dispute.get("publisher")),
+                    "publisher_avatar": publisher_info.get("avatar", ""),
+                    "assignee_name": assignee_info.get("name", dispute.get("assignee")),
+                    "assignee_avatar": assignee_info.get("avatar", "")
+                }
+            }
     
-    return {"status": "success", "message": "回应已提交，等待管理员仲裁"}
-
+    raise HTTPException(status_code=404, detail="申诉不存在")
 
-# ==========================================
-# ⚖️ P3增强：管理员仲裁
-# ==========================================
-@router.post("/api/tasks/dispute/resolve")
-async def resolve_dispute(req: TaskDisputeResolve):
+@router.post("/api/disputes/{dispute_id}/respond")
+async def respond_dispute(dispute_id: str, response: str, evidence: list = None, current_user: str = Depends(require_auth)):
     """
-    管理员仲裁申诉
-    
-    仲裁结果：
-    - support_initiator: 支持申诉方，争议金额全额给申诉方
-    - support_respondent: 支持被申诉方，争议金额全额给被申诉方
-    - split: 双方分成，按 split_ratio 分配
+    被申诉方回应申诉
     """
-    # 管理员权限校验
-    if req.admin_account != "123456":  # 管理员账号
-        raise HTTPException(status_code=403, detail="无管理���权限")
-    
     disputes_db = db.load_data("disputes.json", default_data=[])
-    tasks_db = db.load_data("tasks.json", default_data=[])
-    users_db = db.load_data("users.json", default_data={})
-    
-    # 查找申诉
-    dispute_idx = next((i for i, d in enumerate(disputes_db) if d.get("id") == req.dispute_id), None)
-    if dispute_idx is None:
-        raise HTTPException(status_code=404, detail="申诉不存在")
-    
-    dispute = disputes_db[dispute_idx]
-    
-    # 状态校验
-    if dispute.get("status") == "resolved":
-        raise HTTPException(status_code=400, detail="该申诉已处理")
-    
-    task_id = dispute.get("task_id")
-    task = next((t for t in tasks_db if t.get("id") == task_id), None)
-    if not task:
-        raise HTTPException(status_code=404, detail="关联任务不存在")
     
-    initiator = dispute.get("initiator")
-    respondent = dispute.get("respondent")
-    disputed_amount = dispute.get("disputed_amount", 0)
-    publisher = task.get("publisher")
-    assignee = task.get("assignee")
-    
-    # 根据仲裁结果分配资金
-    if req.result == "support_initiator":
-        # 支持申诉方
-        winner = initiator
-        loser = respondent
-        winner_amount = disputed_amount
-        loser_amount = 0
-        result_msg = f"申诉成功，争议金额 {disputed_amount} 积分已分配给申诉方"
-        
-    elif req.result == "support_respondent":
-        # 支持被申诉方
-        winner = respondent
-        loser = initiator
-        winner_amount = disputed_amount
-        loser_amount = 0
-        result_msg = f"申诉被驳回，争议金额 {disputed_amount} 积分已分配给被申诉方"
-        
-    elif req.result == "split":
-        # 双方分成
-        split_ratio = req.split_ratio or 50
-        winner_amount = int(disputed_amount * split_ratio / 100)
-        loser_amount = disputed_amount - winner_amount
-        result_msg = f"申诉调解成功，申诉方获得 {winner_amount} 积分，被申诉方获得 {loser_amount} 积分"
-    else:
-        raise HTTPException(status_code=400, detail="无效的仲裁结果")
-    
-    # 执行资金转移
-    # 如果申诉方是接单者且胜诉，尾款从发布者冻结中扣除并转给接单者
-    # 如果申诉方是发布者且胜诉，需要从接单者账户扣除并退还给发布者
-    
-    if req.result == "support_initiator":
-        if dispute.get("initiator_role") == "assignee":
-            # 接单者胜诉：尾款转给接单者
-            _execute_dispute_payment(users_db, publisher, assignee, disputed_amount, task, "assignee_wins")
-        else:
-            # 发布者胜诉：从接单者扣除已支付的订金
-            _execute_dispute_payment(users_db, assignee, publisher, disputed_amount, task, "publisher_wins")
-    elif req.result == "support_respondent":
-        if dispute.get("initiator_role") == "assignee":
-            # 接单者申诉失败：不进行额外资金转移，任务继续
-            pass
-        else:
-            # 发布者申诉失败：尾款继续留给接单者
-            pass
-    elif req.result == "split":
-        # 分成处理
-        _execute_dispute_split(users_db, publisher, assignee, initiator, respondent, winner_amount, loser_amount, task)
-    
-    db.save_data("users.json", users_db)
-    
-    # 更新申诉状态
-    dispute["status"] = "resolved"
-    dispute["admin_account"] = req.admin_account
-    dispute["admin_result"] = req.result
-    dispute["admin_note"] = req.admin_note
-    dispute["resolved_at"] = int(time.time())
-    if req.result == "split":
-        dispute["split_ratio"] = req.split_ratio
-    
-    disputes_db[dispute_idx] = dispute
-    db.save_data("disputes.json", disputes_db)
-    
-    # 更新任务状态
-    task_idx = next((i for i, t in enumerate(tasks_db) if t.get("id") == task_id), None)
-    if task_idx is not None:
-        tasks_db[task_idx]["status"] = "resolved"  # 申诉已解决
-        tasks_db[task_idx]["dispute_result"] = req.result
-        db.save_data("tasks.json", tasks_db)
-    
-    # 发送通知给双方
-    _send_task_notification(
-        account=initiator,
-        title="⚖️ 申诉已处理",
-        content=f"任务『{task.get('title')}』的申诉已由管理员处理。{result_msg}",
-        task_id=task_id
-    )
-    _send_task_notification(
-        account=respondent,
-        title="⚖️ 申诉已处理",
-        content=f"任务『{task.get('title')}』的申诉已由管理员处理。{result_msg}",
-        task_id=task_id
-    )
-    
-    # 记录交易
-    _record_transaction(
-        account=req.admin_account,
-        tx_type="dispute_resolved",
-        amount=disputed_amount,
-        related_task_id=task_id,
-        note=f"仲裁申诉: {task.get('title', '')[:20]} - {req.result}"
-    )
+    for dispute in disputes_db:
+        if dispute["id"] == dispute_id:
+            # 验���权限：必须是被申诉方
+            is_publisher = dispute.get("initiator_role") == "publisher"
+            respondent = dispute.get("assignee") if is_publisher else dispute.get("publisher")
+            
+            if current_user != respondent:
+                raise HTTPException(status_code=403, detail="只有被申诉方可以回应")
+            
+            if dispute.get("status") != "pending":
+                raise HTTPException(status_code=400, detail="该申诉已回应或已解决")
+            
+            dispute["response"] = response
+            dispute["response_evidence"] = (evidence or [])[:6]
+            dispute["responded_at"] = int(time.time())
+            dispute["status"] = "responded"
+            
+            db.save_data("disputes.json", disputes_db)
+            
+            # 🔔 通知申诉方：对方已回应
+            add_notification(dispute.get("initiator"), {
+                "type": "dispute_responded",
+                "from_user": current_user,
+                "target_item_id": dispute.get("task_id"),
+                "target_item_title": dispute.get("task_title", ""),
+                "content": f"对方已回应您关于任务《{dispute.get('task_title', '')}》的申诉"
+            })
+            
+            return {"status": "success", "message": "回应已提交，等待管理员仲裁"}
     
-    return {"status": "success", "message": result_msg}
-
+    raise HTTPException(status_code=404, detail="申诉不存在")
 
-def _execute_dispute_payment(users_db: dict, from_account: str, to_account: str, amount: int, task: dict, scenario: str):
+@router.get("/api/admin/disputes")
+async def get_admin_disputes(status: str = None, current_user: str = Depends(require_auth)):
     """
-    执行申诉仲裁后的资金转移
+    管理员获取申诉列表
+    - status: pending/responded/resolved
     """
-    from_info = users_db.get(from_account, {})
-    to_info = users_db.get(to_account, {})
+    if current_user not in ADMIN_ACCOUNTS:
+        raise HTTPException(status_code=403, detail="需要管理员权限")
     
-    if scenario == "assignee_wins":
-        # 接单者胜诉：从发布者冻结中扣除尾款并转给接单者
-        from_info["balance"] = from_info.get("balance", 0) - amount
-        from_info["frozen_balance"] = max(0, from_info.get("frozen_balance", 0) - amount)
-        to_info["balance"] = to_info.get("balance", 0) + amount
-        
-        _record_transaction(from_account, "dispute_loss", amount, task.get("id"), to_account, "申诉裁决扣款")
-        _record_transaction(to_account, "dispute_win", amount, task.get("id"), from_account, "申诉裁决获得")
-        
-    elif scenario == "publisher_wins":
-        # 发布者胜诉：从接单者扣除已收到的订金并退给发布者
-        deposit_amount = task.get("depositAmount", 0)
-        from_info["balance"] = max(0, from_info.get("balance", 0) - deposit_amount)
-        to_info["balance"] = to_info.get("balance", 0) + deposit_amount
-        
-        _record_transaction(from_account, "dispute_loss", deposit_amount, task.get("id"), to_account, "申诉裁决退还订金")
-        _record_transaction(to_account, "dispute_win", deposit_amount, task.get("id"), from_account, "申诉裁决收回订金")
-    
-    users_db[from_account] = from_info
-    users_db[to_account] = to_info
-
+    disputes_db = db.load_data("disputes.json", default_data=[])
+    users_db = db.load_data("users.json", default_data=[])
+    
+    user_map = {u["account"]: u for u in users_db}
+    
+    # 筛选
+    filtered = disputes_db
+    if status:
+        filtered = [d for d in filtered if d.get("status") == status]
+    
+    # 按时间倒序
+    filtered = sorted(filtered, key=lambda x: x.get("created_at", 0), reverse=True)
+    
+    # 附加用户信息
+    result = []
+    for dispute in filtered:
+        publisher_info = user_map.get(dispute.get("publisher"), {})
+        assignee_info = user_map.get(dispute.get("assignee"), {})
+        result.append({
+            **dispute,
+            "publisher_name": publisher_info.get("name", dispute.get("publisher")),
+            "assignee_name": assignee_info.get("name", dispute.get("assignee"))
+        })
+    
+    return {"status": "success", "data": result}
 
-def _execute_dispute_split(users_db: dict, publisher: str, assignee: str, initiator: str, respondent: str, 
-                           initiator_amount: int, respondent_amount: int, task: dict):
+@router.post("/api/admin/disputes/{dispute_id}/resolve")
+async def resolve_dispute(dispute_id: str, resolution: str, ratio: int = None, note: str = None, current_user: str = Depends(require_auth)):
     """
-    执行申诉分成处理
+    管理员裁决申诉
+    - resolution: favor_initiator(支持申诉方) / favor_respondent(支持被申诉方) / split(按比例分成)
+    - ratio: 分成比例(0-100)，表示申诉方获得的比例。仅split时有效
+    - note: 裁决说明
     """
-    # 从发布者冻结中扣除尾款
-    publisher_info = users_db.get(publisher, {})
-    final_payment = task.get("finalPayment", 0)
-    
-    publisher_info["balance"] = publisher_info.get("balance", 0) - final_payment
-    publisher_info["frozen_balance"] = max(0, publisher_info.get("frozen_balance", 0) - final_payment)
-    users_db[publisher] = publisher_info
-    
-    # 分配给双方
-    initiator_info = users_db.get(initiator, {})
-    respondent_info = users_db.get(respondent, {})
+    if current_user not in ADMIN_ACCOUNTS:
+        raise HTTPException(status_code=403, detail="需要管理员权限")
     
-    initiator_info["balance"] = initiator_info.get("balance", 0) + initiator_amount
-    respondent_info["balance"] = respondent_info.get("balance", 0) + respondent_amount
+    if resolution not in ["favor_initiator", "favor_respondent", "split"]:
+        raise HTTPException(status_code=400, detail="无效的裁决结果")
     
-    users_db[initiator] = initiator_info
-    users_db[respondent] = respondent_info
+    if resolution == "split" and (ratio is None or ratio < 0 or ratio > 100):
+        raise HTTPException(status_code=400, detail="分成比例必须在0-100之间")
     
-    _record_transaction(initiator, "dispute_split", initiator_amount, task.get("id"), note="申诉调解分成")
-    _record_transaction(respondent, "dispute_split", respondent_amount, task.get("id"), note="申诉调解分成")
-
-
-# ==========================================
-# ⚖️ P3增强：获取申诉列表
-# ==========================================
-@router.get("/api/tasks/disputes")
-async def get_disputes(status: str = "all", page: int = 1, page_size: int = 20):
-    """
-    获取申诉列表（管理员用）
-    """
     disputes_db = db.load_data("disputes.json", default_data=[])
+    tasks_db = db.load_data("tasks.json", default_data=[])
+    users_db = db.load_data("users.json", default_data=[])
     
-    # 过滤
-    if status != "all":
-        disputes_db = [d for d in disputes_db if d.get("status") == status]
-    
-    # 排序：未处理的优先
-    disputes_db.sort(key=lambda x: (0 if x.get("status") in ["pending", "responded"] else 1, -x.get("created_at", 0)))
-    
-    # 分页
-    total = len(disputes_db)
-    start = (page - 1) * page_size
-    end = start + page_size
-    paginated = disputes_db[start:end]
+    for dispute in disputes_db:
+        if dispute["id"] == dispute_id:
+            if dispute.get("status") == "resolved":
+                raise HTTPException(status_code=400, detail="该申诉已裁决")
+            
+            # 查找关联任务
+            task = next((t for t in tasks_db if t["id"] == dispute.get("task_id")), None)
+            if not task:
+                raise HTTPException(status_code=404, detail="关联任务不存在")
+            
+            total_price = task.get("total_price", 0)
+            deposit = task.get("deposit_amount", 0)
+            
+            publisher = next((u for u in users_db if u["account"] == dispute.get("publisher")), None)
+            assignee = next((u for u in users_db if u["account"] == dispute.get("assignee")), None)
+            
+            is_publisher_initiator = dispute.get("initiator_role") == "publisher"
+            initiator = publisher if is_publisher_initiator else assignee
+            respondent = assignee if is_publisher_initiator else publisher
+            
+            # 计算资金分配
+            if resolution == "favor_initiator":
+                # 支持申诉方
+                if is_publisher_initiator:
+                    # 发布者胜诉：退还订金
+                    if publisher:
+                        publisher["balance"] = publisher.get("balance", 0) + deposit
+                    initiator_amount = deposit
+                    respondent_amount = 0
+                else:
+                    # 接单者胜诉：获得全款
+                    if publisher:
+                        remaining = total_price - deposit
+                        publisher["balance"] = publisher.get("balance", 0) - remaining
+                    if assignee:
+                        assignee["balance"] = assignee.get("balance", 0) + total_price
+                    initiator_amount = total_price
+                    respondent_amount = 0
+            elif resolution == "favor_respondent":
+                # 支持被申诉方
+                if is_publisher_initiator:
+                    # 接单者胜诉：获得全款
+                    if publisher:
+                        remaining = total_price - deposit
+                        publisher["balance"] = publisher.get("balance", 0) - remaining
+                    if assignee:
+                        assignee["balance"] = assignee.get("balance", 0) + total_price
+                    initiator_amount = 0
+                    respondent_amount = total_price
+                else:
+                    # 发布者胜诉：退还订金
+                    if publisher:
+                        publisher["balance"] = publisher.get("balance", 0) + deposit
+                    initiator_amount = 0
+                    respondent_amount = deposit
+            else:
+                # 按比例分成
+                initiator_share = int(total_price * ratio / 100)
+                respondent_share = total_price - initiator_share
+                
+                # 处理资金：发布者支付尾款，然后按比例分配
+                if publisher:
+                    remaining = total_price - deposit
+                    publisher["balance"] = publisher.get("balance", 0) - remaining
+                
+                # 发布者获得退款部分，接单者获得报酬部分
+                if is_publisher_initiator:
+                    # 申诉方是发布者
+                    pub_refund = initiator_share
+                    assignee_earn = respondent_share
+                else:
+                    # 申诉方是接单者
+                    assignee_earn = initiator_share
+                    pub_refund = respondent_share
+                
+                if publisher:
+                    publisher["balance"] = publisher.get("balance", 0) + pub_refund
+                if assignee:
+                    assignee["balance"] = assignee.get("balance", 0) + assignee_earn
+                
+                initiator_amount = initiator_share
+                respondent_amount = respondent_share
+            
+            # 更新申诉状态
+            dispute["resolution"] = resolution
+            dispute["resolution_ratio"] = ratio
+            dispute["resolution_note"] = note
+            dispute["resolved_by"] = current_user
+            dispute["resolved_at"] = int(time.time())
+            dispute["status"] = "resolved"
+            
+            # 更新任务状态
+            task["status"] = "completed"
+            task["completed_at"] = int(time.time())
+            task["feedback"] = f"申诉裁决：{note or '无'}（结果：{resolution}）"
+            
+            db.save_data("disputes.json", disputes_db)
+            db.save_data("tasks.json", tasks_db)
+            db.save_data("users.json", users_db)
+            
+            # 🔔 通知双方：仲裁结果
+            resolution_text = {
+                "favor_initiator": "支持申诉方",
+                "favor_respondent": "支持被申诉方",
+                "split": f"双方协商分成({ratio}%:{100-ratio}%)"
+            }.get(resolution, "已裁决")
+            
+            # 通知申诉方
+            add_notification(dispute.get("initiator"), {
+                "type": "dispute_resolved",
+                "from_user": current_user,
+                "target_item_id": dispute.get("task_id"),
+                "target_item_title": dispute.get("task_title", ""),
+                "content": f"您的申诉已裁决：{resolution_text}，您获得{initiator_amount}积分"
+            })
+            
+            # 通知被申诉方
+            respondent_account = dispute.get("assignee") if is_publisher_initiator else dispute.get("publisher")
+            add_notification(respondent_account, {
+                "type": "dispute_resolved",
+                "from_user": current_user,
+                "target_item_id": dispute.get("task_id"),
+                "target_item_title": dispute.get("task_title", ""),
+                "content": f"任务申诉已裁决：{resolution_text}，您获得{respondent_amount}积分"
+            })
+            
+            return {"status": "success", "message": f"裁决完成：{resolution_text}"}
     
-    return {
-        "status": "success",
-        "data": paginated,
-        "total": total,
-        "page": page,
-        "page_size": page_size
-    }
-
+    raise HTTPException(status_code=404, detail="申诉不存在")
 
 # ==========================================
-# ⚖️ P3增强：获取单个申诉详情
+# 📊 我的任务
 # ==========================================
-@router.get("/api/tasks/disputes/{dispute_id}")
-async def get_dispute_detail(dispute_id: str):
-    """
-    获取申诉详情
-    """
-    disputes_db = db.load_data("disputes.json", default_data=[])
-    
-    dispute = next((d for d in disputes_db if d.get("id") == dispute_id), None)
-    if not dispute:
-        raise HTTPException(status_code=404, detail="申诉不存在")
-    
-    return {"status": "success", "data": dispute}
 
-
-# ==========================================
-# ⚖️ P3增强：获取用户相关的申诉
-# ==========================================
-@router.get("/api/tasks/disputes/user/{account}")
-async def get_user_disputes(account: str):
+@router.get("/api/my-tasks")
+async def get_my_tasks(role: str = "publisher", current_user: str = Depends(require_auth)):
     """
-    获取用户发起或参与的申诉
+    获取我的任务
+    - role=publisher: 我发布的任务
+    - role=assignee: 我接的任务
     """
-    disputes_db = db.load_data("disputes.json", default_data=[])
+    tasks_db = db.load_data("tasks.json", default_data=[])
     
-    user_disputes = [
-        d for d in disputes_db 
-        if d.get("initiator") == account or d.get("respondent") == account
-    ]
+    if role == "publisher":
+        my_tasks = [t for t in tasks_db if t.get("publisher") == current_user]
+    else:
+        my_tasks = [t for t in tasks_db if t.get("assignee") == current_user]
     
-    user_disputes.sort(key=lambda x: x.get("created_at", 0), reverse=True)
+    # 按创建时间倒序
+    my_tasks = sorted(my_tasks, key=lambda x: x.get("created_at", 0), reverse=True)
     
-    return {"status": "success", "data": user_disputes}
+    return {"status": "success", "data": my_tasks}

router_users_auth.py

@@ -133,7 +133,8 @@ async def send_code_api(req: SendCodeRequest):
 #   - 数据库连接.py (保存新用户到 users.json)
 #   - 前端 注册表单组件.js
 @router.post("/api/users/register")
-async def register_user(user: UserRegister):
+@limiter.limit("3/minute")  # 🔒 P0安全优化：注册每分钟最多3次
+async def register_user(request: Request, user: UserRegister):
     """
     用户注册接口
     
@@ -273,6 +274,7 @@ async def login_user(request: Request, user: UserLogin):
 #   - 前端 重置密码表单组件.js
 # 特点：万能解析器，兼容各种前端数据格式
 @router.post("/api/users/reset_password")
+@limiter.limit("3/minute")  # 🔒 P0安全优化：重置密码每分钟最多3次
 async def reset_password(request: Request):
     """
     重置密码接口（万能兼容版）
@@ -289,12 +291,12 @@ async def reset_password(request: Request):
         # 处理前端可能造成的"双重字符串化"问题
         if isinstance(data, str):
             data = json.loads(data)
-    except:
+    except Exception:
         # 降级尝试 FormData 格式
         try:
             form = await request.form()
             data = dict(form)
-        except:
+        except Exception:
             raise HTTPException(status_code=400, detail="请求数据解析失败，请检查网络")
     
     if not isinstance(data, dict):

router_wallet.py

@@ -7,6 +7,7 @@
 #   - verify_code_engine.py (提现验证码缓存)
 #   - database_sql.py (SQL数据库连接)
 #   - models_sql.py (Wallet, Transaction, Ownership 模型)
+# 🔒 P0安全优化：API限流
 # ==========================================
 
 from fastapi import APIRouter, Depends, HTTPException, Request
@@ -19,10 +20,20 @@ import os
 import datetime
 import logging
 from database_sql import get_db
-from models_sql import Wallet, Transaction, Ownership
+from models_sql import Wallet, Transaction, Ownership, Refund
 from models import RechargeRequest, WithdrawRequest, PurchaseRequest, TipRequest
 import 数据库连接 as json_db
 
+# 🔒 P0安全优化：API限流
+from slowapi import Limiter
+from slowapi.util import get_remote_address
+limiter = Limiter(key_func=get_remote_address)
+
+# 🔄 P7后悔模式：24小时退款窗口
+REFUND_WINDOW_HOURS = 24
+# 🔄 P7后悔模式：退款后30天禁购
+REFUND_BAN_DAYS = 30
+
 # 📝 P2优化：审计日志
 logger = logging.getLogger("ComfyUI-Ranking.Wallet")
 
@@ -122,9 +133,13 @@ async def check_order(order_id: str, db: Session = Depends(get_db)):
 async def get_wallet(account: str, db: Session = Depends(get_db)):
     wallet = db.query(Wallet).filter(Wallet.account == account).first()
     
-    # 🚀 新增：计算历史累计提现总积分 (用于前端 100元免责额度的手续费计算)
-    withdrawals = db.query(Transaction).filter(Transaction.account == account, Transaction.tx_type == 'WITHDRAW').all()
-    total_withdrawn = sum(w.amount for w in withdrawals)
+    # 🚀 P1性能优化：使用聚合函数代替 .all() + sum
+    from sqlalchemy import func
+    total_withdrawn = db.query(func.coalesce(func.sum(Transaction.amount), 0)).filter(
+        Transaction.account == account, 
+        Transaction.tx_type == 'WITHDRAW'
+    ).scalar() or 0
+    total_withdrawn = abs(total_withdrawn)  # 提现金额是负数
     
     if not wallet: 
         return {"status": "success", "balance": 0, "earn_balance": 0, "tip_balance": 0, "frozen_balance": 0, "total_withdrawn": total_withdrawn}
@@ -139,22 +154,65 @@ async def get_wallet(account: str, db: Session = Depends(get_db)):
     }
 
 @router.post("/api/wallet/purchase")
-async def purchase_item(req: PurchaseRequest, db: Session = Depends(get_db)):
+@limiter.limit("10/minute")  # 🔒 P0安全优化：购买每分钟最多10次
+async def purchase_item(request: Request, req: PurchaseRequest, db: Session = Depends(get_db)):
     items_db = json_db.load_data("items.json", default_data=[])
     item = next((i for i in items_db if i["id"] == req.item_id), None)
     
     if not item:
         raise HTTPException(status_code=404, detail="商品不存在")
-        
-    price = int(item.get("price", 0))
+    
+    # 🔄 P7后悔模式：检查价格是否延迟生效
+    actual_price = item.get("price", 0)
+    pending_price = item.get("pending_price")
+    pending_price_effective = item.get("pending_price_effective_at")
+    if pending_price is not None and pending_price_effective:
+        # 检查是否已过生效时间
+        effective_time = datetime.datetime.fromisoformat(pending_price_effective)
+        if datetime.datetime.now() >= effective_time:
+            actual_price = pending_price
+            # 更新实际价格，清除待生效价格
+            item["price"] = pending_price
+            item["pending_price"] = None
+            item["pending_price_effective_at"] = None
+            json_db.save_data("items.json", items_db)
+    
+    price = int(actual_price)
     seller_account = item.get("author")
     
     if price <= 0 or req.account == seller_account:
-        return {"status": "success", "already_owned": True}
-        
-    owned = db.query(Ownership).filter(Ownership.account == req.account, Ownership.item_id == req.item_id).first()
+        # ☁️ 免费资源或作者本人，也返回网盘密码
+        return {
+            "status": "success", 
+            "already_owned": True,
+            "netdisk_password": item.get("netdisk_password"),  # ☁️
+            "is_netdisk": item.get("is_netdisk", False)        # ☁️
+        }
+    
+    # 🔄 P7后悔模式：检查30天禁购
+    refund_ban = db.query(Refund).filter(
+        Refund.account == req.account,
+        Refund.item_id == req.item_id,
+        Refund.ban_until > datetime.datetime.utcnow()
+    ).first()
+    if refund_ban:
+        days_left = (refund_ban.ban_until - datetime.datetime.utcnow()).days + 1
+        raise HTTPException(status_code=403, detail=f"您已退款过此商品，{days_left}天内禁止再次购买")
+    
+    # 检查是否已拥有（排除已退款的记录）
+    owned = db.query(Ownership).filter(
+        Ownership.account == req.account, 
+        Ownership.item_id == req.item_id,
+        Ownership.is_refunded == False
+    ).first()
     if owned:
-        return {"status": "success", "already_owned": True}
+        # ☁️ 已购买用户，返回���盘密码
+        return {
+            "status": "success", 
+            "already_owned": True,
+            "netdisk_password": item.get("netdisk_password"),  # ☁️
+            "is_netdisk": item.get("is_netdisk", False)        # ☁️
+        }
         
     buyer_wallet = db.query(Wallet).filter(Wallet.account == req.account).with_for_update().first()
     if not buyer_wallet or buyer_wallet.balance < price:
@@ -168,7 +226,8 @@ async def purchase_item(req: PurchaseRequest, db: Session = Depends(get_db)):
     buyer_wallet.balance -= price
     seller_wallet.earn_balance += price
     
-    new_ownership = Ownership(account=req.account, item_id=req.item_id)
+    # 🔄 P7后悔模式：记录购买价格
+    new_ownership = Ownership(account=req.account, item_id=req.item_id, price_paid=price)
     db.add(new_ownership)
     
     tx_id = f"BUY_{int(time.time())}_{uuid.uuid4().hex[:6]}"
@@ -179,7 +238,7 @@ async def purchase_item(req: PurchaseRequest, db: Session = Depends(get_db)):
     # 创建交易记录 (字段名为 related_account，与 models_sql.py 中 Transaction 模型保持一致)
     new_tx = Transaction(
         tx_id=tx_id, account=req.account, tx_type="PURCHASE", amount=-price,
-        related_account=seller_account, prev_hash=prev_hash, tx_hash=tx_hash
+        related_account=seller_account, item_id=req.item_id, prev_hash=prev_hash, tx_hash=tx_hash
     )
     db.add(new_tx)
     db.commit()
@@ -187,10 +246,17 @@ async def purchase_item(req: PurchaseRequest, db: Session = Depends(get_db)):
     # 📝 P2优化：购买审计日志
     logger.info(f"PURCHASE | buyer={req.account} | seller={seller_account} | item={req.item_id} | amount={price} | tx={tx_id}")
     
-    return {"status": "success", "already_owned": False}
+    # ☁️ 购买成功后返回网盘密码
+    return {
+        "status": "success", 
+        "already_owned": False,
+        "netdisk_password": item.get("netdisk_password"),  # ☁️ 只有购买成功才返回
+        "is_netdisk": item.get("is_netdisk", False)        # ☁️
+    }
 
 @router.post("/api/wallet/tip")
-async def tip_user(req: TipRequest, db: Session = Depends(get_db)):
+@limiter.limit("20/minute")  # 🔒 P0安全优化：打赏每分钟最多20次
+async def tip_user(request: Request, req: TipRequest, db: Session = Depends(get_db)):
     if req.amount <= 0:
         raise HTTPException(status_code=400, detail="打赏金额必须大于0")
     if req.sender_account == req.target_account:
@@ -274,7 +340,8 @@ async def tip_user(req: TipRequest, db: Session = Depends(get_db)):
     return {"status": "success", "balance": sender_wallet.balance}
 
 @router.post("/api/wallet/withdraw")
-async def withdraw(req: WithdrawRequest, db: Session = Depends(get_db)):
+@limiter.limit("3/minute")  # 🔒 P0安全优化：提现每分钟最多3次
+async def withdraw(request: Request, req: WithdrawRequest, db: Session = Depends(get_db)):
     key = f"{req.account}_withdraw"
     code_data = VERIFY_CODES.get(key)
     # 🔒 P0安全修复：统一使用 expires_at 字段，兼容旧版 expires
@@ -288,11 +355,13 @@ async def withdraw(req: WithdrawRequest, db: Session = Depends(get_db)):
     
     # 🚀 核心新增：阶梯手续费计算 (与前端逻辑统一)
     # 查询历史累计提现总额 (WITHDRAW 类型的 amount 是负数，需要取绝对值)
-    withdrawals = db.query(Transaction).filter(
+    # 🚀 P1性能优化：使用聚合函数代替 .all() + sum
+    from sqlalchemy import func as sql_func
+    withdrawals_sum = db.query(sql_func.coalesce(sql_func.sum(Transaction.amount), 0)).filter(
         Transaction.account == req.account, 
         Transaction.tx_type == 'WITHDRAW'
-    ).all()
-    total_withdrawn = abs(sum(w.amount for w in withdrawals))
+    ).scalar() or 0
+    total_withdrawn = abs(withdrawals_sum)
     
     # 手续费规则：100元 = 10000积分 免手续费额度，超出部分收取 10%
     free_quota = max(0, 10000 - total_withdrawn)  # 剩余免责额度
@@ -349,4 +418,242 @@ async def withdraw(req: WithdrawRequest, db: Session = Depends(get_db)):
         "fee_amount": fee_amount,
         "net_amount": net_amount,
         "free_quota_used": min(req.amount, free_quota + total_withdrawn) - total_withdrawn  # 本次消耗的免责额度
+    }
+
+# ==========================================
+# 💳 P6支付增强：交易明细查询API
+# ==========================================
+
+@router.get("/api/wallet/{account}/transactions")
+async def get_transactions(
+    account: str,
+    page: int = 1,
+    limit: int = 20,
+    tx_type: str = None,
+    db: Session = Depends(get_db)
+):
+    """
+    获取用户交易明细（分页）
+    - tx_type: 可选筛选（RECHARGE/PURCHASE/TIP_OUT/TIP_IN/WITHDRAW/TASK_FREEZE/TASK_DEPOSIT/TASK_PAYMENT/TASK_INCOME/TASK_REFUND）
+    """
+    query = db.query(Transaction).filter(Transaction.account == account)
+    
+    if tx_type:
+        query = query.filter(Transaction.tx_type == tx_type)
+    
+    total = query.count()
+    transactions = query.order_by(Transaction.created_at.desc()).offset((page - 1) * limit).limit(limit).all()
+    
+    # 格式化输出
+    tx_list = []
+    for tx in transactions:
+        tx_list.append({
+            "tx_id": tx.tx_id,
+            "tx_type": tx.tx_type,
+            "amount": tx.amount,
+            "related_account": tx.related_account,
+            "item_id": tx.item_id,
+            "created_at": tx.created_at.isoformat() if tx.created_at else None
+        })
+    
+    return {
+        "status": "success",
+        "data": tx_list,
+        "total": total,
+        "page": page,
+        "limit": limit
+    }
+
+@router.get("/api/wallet/{account}/task-stats")
+async def get_task_stats(account: str, db: Session = Depends(get_db)):
+    """
+    📊 获取用户任务收益统计
+    🚀 P1性能优化：使用单次查询+分组聚合替代多次查询
+    """
+    from sqlalchemy import func as sql_func, case
+    
+    # 🚀 P1性能优化：使用分组聚合一次查询多种类型的统计
+    stats = db.query(
+        Transaction.tx_type,
+        sql_func.count(Transaction.tx_id).label('count'),
+        sql_func.coalesce(sql_func.sum(Transaction.amount), 0).label('total')
+    ).filter(
+        Transaction.account == account,
+        Transaction.tx_type.in_(["TASK_INCOME", "TASK_FREEZE", "TASK_DEPOSIT", "TASK_PAYMENT", "TASK_REFUND"])
+    ).group_by(Transaction.tx_type).all()
+    
+    # 解析统计结果
+    stats_map = {s.tx_type: {'count': s.count, 'total': s.total} for s in stats}
+    
+    total_income = stats_map.get('TASK_INCOME', {}).get('total', 0) or 0
+    income_count = stats_map.get('TASK_INCOME', {}).get('count', 0) or 0
+    
+    # 任务支出（发布任务的支付）
+    total_payment = abs(
+        (stats_map.get('TASK_FREEZE', {}).get('total', 0) or 0) +
+        (stats_map.get('TASK_DEPOSIT', {}).get('total', 0) or 0) +
+        (stats_map.get('TASK_PAYMENT', {}).get('total', 0) or 0)
+    )
+    payment_count = (
+        (stats_map.get('TASK_FREEZE', {}).get('count', 0) or 0) +
+        (stats_map.get('TASK_DEPOSIT', {}).get('count', 0) or 0) +
+        (stats_map.get('TASK_PAYMENT', {}).get('count', 0) or 0)
+    )
+    
+    total_refund = stats_map.get('TASK_REFUND', {}).get('total', 0) or 0
+    
+    # 最近交易（任务相关）
+    recent_txs = db.query(Transaction).filter(
+        Transaction.account == account,
+        Transaction.tx_type.in_(["TASK_INCOME", "TASK_PAYMENT", "TASK_DEPOSIT", "TASK_FREEZE", "TASK_REFUND"])
+    ).order_by(Transaction.created_at.desc()).limit(10).all()
+    
+    recent_list = [{
+        "tx_id": tx.tx_id,
+        "tx_type": tx.tx_type,
+        "amount": tx.amount,
+        "item_id": tx.item_id,
+        "created_at": tx.created_at.isoformat() if tx.created_at else None
+    } for tx in recent_txs]
+    
+    return {
+        "status": "success",
+        "data": {
+            "total_income": total_income,
+            "income_count": income_count,
+            "total_payment": total_payment,
+            "payment_count": payment_count,
+            "total_refund": total_refund,
+            "net_earnings": total_income - total_payment + total_refund,
+            "recent_transactions": recent_list
+        }
+    }
+
+# ==========================================
+# 🔄 P7后悔模式：退款API
+# ==========================================
+
+@router.get("/api/wallet/{account}/purchase/{item_id}")
+async def get_purchase_status(account: str, item_id: str, db: Session = Depends(get_db)):
+    """
+    获取购买状态（用于判断是否可退款）
+    """
+    ownership = db.query(Ownership).filter(
+        Ownership.account == account,
+        Ownership.item_id == item_id,
+        Ownership.is_refunded == False
+    ).first()
+    
+    if not ownership:
+        return {"status": "success", "owned": False}
+    
+    # 计算是否在退款窗口内
+    purchased_at = ownership.purchased_at
+    now = datetime.datetime.utcnow()
+    refund_deadline = purchased_at + datetime.timedelta(hours=REFUND_WINDOW_HOURS)
+    can_refund = now < refund_deadline
+    hours_left = max(0, (refund_deadline - now).total_seconds() / 3600) if can_refund else 0
+    
+    return {
+        "status": "success",
+        "owned": True,
+        "purchased_at": purchased_at.isoformat(),
+        "price_paid": ownership.price_paid,
+        "can_refund": can_refund,
+        "refund_hours_left": round(hours_left, 1)
+    }
+
+@router.post("/api/wallet/refund")
+@limiter.limit("3/minute")  # 🔒 P0安全优化：退款每分钟最多3次
+async def refund_purchase(request: Request, account: str, item_id: str, db: Session = Depends(get_db)):
+    """
+    🔄 P7后悔模式：申请退款
+    - 24小时内可退款
+    - 退款后30天内禁止再次购买
+    - 退款后权限回收
+    """
+    items_db = json_db.load_data("items.json", default_data=[])
+    item = next((i for i in items_db if i["id"] == item_id), None)
+    
+    if not item:
+        raise HTTPException(status_code=404, detail="商品不存在")
+    
+    # 查找购买记录
+    ownership = db.query(Ownership).filter(
+        Ownership.account == account,
+        Ownership.item_id == item_id,
+        Ownership.is_refunded == False
+    ).first()
+    
+    if not ownership:
+        raise HTTPException(status_code=404, detail="未找到购买记录")
+    
+    # 检查是否在退款窗口内
+    purchased_at = ownership.purchased_at
+    now = datetime.datetime.utcnow()
+    refund_deadline = purchased_at + datetime.timedelta(hours=REFUND_WINDOW_HOURS)
+    
+    if now >= refund_deadline:
+        hours_passed = (now - purchased_at).total_seconds() / 3600
+        raise HTTPException(status_code=400, detail=f"已超过24小时退款窗口（已购买{hours_passed:.1f}小时）")
+    
+    refund_amount = ownership.price_paid or 0
+    seller_account = item.get("author")
+    
+    if refund_amount <= 0:
+        raise HTTPException(status_code=400, detail="该商品为免费资源，无需退款")
+    
+    # 执行退款
+    buyer_wallet = db.query(Wallet).filter(Wallet.account == account).with_for_update().first()
+    seller_wallet = db.query(Wallet).filter(Wallet.account == seller_account).with_for_update().first()
+    
+    if seller_wallet:
+        # 从卖家收益中扣除（如果不足则从余额扣除）
+        if seller_wallet.earn_balance >= refund_amount:
+            seller_wallet.earn_balance -= refund_amount
+        else:
+            remaining = refund_amount - seller_wallet.earn_balance
+            seller_wallet.earn_balance = 0
+            seller_wallet.balance = max(0, seller_wallet.balance - remaining)
+    
+    if buyer_wallet:
+        buyer_wallet.balance += refund_amount
+    else:
+        buyer_wallet = Wallet(account=account, balance=refund_amount)
+        db.add(buyer_wallet)
+    
+    # 标记所有权为已退款
+    ownership.is_refunded = True
+    ownership.refunded_at = now
+    
+    # 创建退款记录（30天禁购）
+    ban_until = now + datetime.timedelta(days=REFUND_BAN_DAYS)
+    new_refund = Refund(
+        account=account,
+        item_id=item_id,
+        amount=refund_amount,
+        ban_until=ban_until
+    )
+    db.add(new_refund)
+    
+    # 记录退款交易
+    tx_id = f"REFUND_{int(time.time())}_{uuid.uuid4().hex[:6]}"
+    last_tx = db.query(Transaction).filter(Transaction.account == account).order_by(Transaction.created_at.desc()).first()
+    prev_hash = last_tx.tx_hash if last_tx else "GENESIS_HASH"
+    tx_hash = calculate_tx_hash(tx_id, account, "REFUND", refund_amount, prev_hash)
+    
+    new_tx = Transaction(
+        tx_id=tx_id, account=account, tx_type="REFUND", amount=refund_amount,
+        related_account=seller_account, item_id=item_id, prev_hash=prev_hash, tx_hash=tx_hash
+    )
+    db.add(new_tx)
+    db.commit()
+    
+    logger.info(f"REFUND | buyer={account} | seller={seller_account} | item={item_id} | amount={refund_amount} | ban_until={ban_until.isoformat()}")
+    
+    return {
+        "status": "success",
+        "message": f"退款成功，{refund_amount}积分已退还",
+        "refund_amount": refund_amount,
+        "ban_days": REFUND_BAN_DAYS
     }

数据库连接.py

@@ -23,9 +23,14 @@ import threading
 import time
 import shutil
 import tempfile
+import logging
 from typing import Any, Dict, List, Optional, Union
+from concurrent.futures import ThreadPoolExecutor
 from huggingface_hub import HfApi, hf_hub_download
 
+# 📝 日志配置
+logger = logging.getLogger("ComfyUI-Ranking.DB")
+
 
 # ==========================================
 # 🔧 配置常量
@@ -46,6 +51,9 @@ BACKUP_DIR = os.path.join(LOCAL_DB_DIR, "_backups")
 # HuggingFace API 客户端
 api = HfApi() if HF_TOKEN else None
 
+# 🔧 P3优化：线程池管理上传任务（限制并发数）
+_upload_executor = ThreadPoolExecutor(max_workers=2, thread_name_prefix="hf_upload")
+
 # 确保目录存在
 os.makedirs(LOCAL_DB_DIR, exist_ok=True)
 os.makedirs(BACKUP_DIR, exist_ok=True)
@@ -97,8 +105,8 @@ if sys.platform == "win32":
         try:
             file_obj.seek(0)
             msvcrt.locking(file_obj.fileno(), msvcrt.LK_UNLCK, 1)
-        except:
-            pass
+        except Exception:
+            pass  # Windows 文件锁释放失败可忽略
 
 else:
     # Linux/Mac 文件锁
@@ -278,12 +286,12 @@ def save_data(file_name: str, data: Union[Dict, List]) -> bool:
             raise
     
     # ========== 第五步：异步同步到云端 ==========
+    # 🔧 P3优化：使用线程池替代直接创建线程
     if HF_TOKEN:
-        threading.Thread(
-            target=_background_upload_to_hf,
-            args=(local_path, file_name),
-            daemon=True
-        ).start()
+        try:
+            _upload_executor.submit(_background_upload_to_hf, local_path, file_name)
+        except Exception as e:
+            logger.warning(f"提交上传任务失败: {e}")
 
 
 # ==========================================
@@ -332,8 +340,8 @@ def _save_to_failed_queue(file_name: str):
     try:
         with open(failed_queue_path, "a", encoding="utf-8") as f:
             f.write(f"{time.strftime('%Y-%m-%d %H:%M:%S')} | {file_name}\n")
-    except:
-        pass
+    except Exception as e:
+        print(f"⚠️ 记录上传失败队列异常: {e}")
 
 
 # ==========================================
@@ -357,7 +365,7 @@ def verify_data_integrity(file_name: str) -> bool:
         with open(local_path, "r", encoding="utf-8") as f:
             json.load(f)
         return True
-    except:
+    except Exception:
         return False