hi

.gitignore

@@ -0,0 +1,12 @@
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+venv/
+.env
+
+# Data and large files (using Git LFS for PDFs)
+data/*.pdf
+
+# OS files
+.DS_Store

Dockerfile

@@ -0,0 +1,44 @@
+# Use Python 3.11 slim image for production
+FROM python:3.11-slim
+
+# Set environment variables
+ENV PYTHONDONTWRITEBYTECODE=1 \
+    PYTHONUNBUFFERED=1 \
+    PYTHONPATH=/app \
+    PIP_NO_CACHE_DIR=1 \
+    PIP_DISABLE_PIP_VERSION_CHECK=1
+
+# Set work directory
+WORKDIR /app
+
+# Install system dependencies
+RUN apt-get update && apt-get install -y \
+    gcc \
+    g++ \
+    curl \
+    && rm -rf /var/lib/apt/lists/*
+
+# Copy requirements first for better caching
+COPY requirements.txt .
+
+# Install Python dependencies
+RUN pip install --no-cache-dir -r requirements.txt
+
+# Copy application code
+COPY . .
+
+# Create non-root user for security
+RUN groupadd -r appuser && useradd -r -g appuser appuser
+RUN chown -R appuser:appuser /app
+USER appuser
+
+# Expose port (Hugging Face Spaces default is 7860)
+ENV PORT=7860
+EXPOSE 7860
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \
+    CMD curl -f http://localhost:7860/health || exit 1
+
+# Run the application
+CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "7860", "--workers", "1"]

README.md

@@ -1,10 +1,436 @@
----
-title: Silver
-emoji: 📚
-colorFrom: indigo
-colorTo: gray
-sdk: docker
-pinned: false
+# 銀髮餐桌助手 Backend API
+
+專為台灣銀髮族設計的AI營養飲食顧問服務後端，提供REST API接口和Gradio聊天界面。
+
+## 項目概述
+
+銀髮餐桌助手是一個結合AI技術的智能營養顧問系統，專為台灣銀髮族（65歲以上）提供個性化飲食建議和營養諮詢。系統採用FastAPI框架構建，提供完整的API接口和用戶友好的Gradio聊天界面。
+
+## 核心功能
+
+### 🔐 身份驗證與授權
+- 基於Supabase Auth的JWT身份驗證
+- 支持多種用戶角色（user、family、admin）
+- 角色基礎的訪問控制（RBAC）
+
+### 👤 用戶資料管理
+- 用戶檔案創建與更新
+- 健康狀況和飲食偏好管理
+- 個人化營養建議基礎
+
+### 💬 AI聊天諮詢
+- 智能營養飲食對話
+- 基於RAG的知識檢索增強生成
+- 支持個人化回應（基於用戶檔案）
+- Gradio無登入聊天界面
+
+### 🍽️ 菜單管理
+- 台灣在地銀髮友善餐點
+- 營養成分分析
+- 飲食標籤分類
+- 季節性和健康條件適配
+
+### 🛒 訂單管理
+- 餐點訂購功能
+- Stripe支付集成
+- 訂單狀態追蹤
+- 營養統計分析
+
+### 💰 捐款系統
+- 匿名和實名捐款支持
+- Stripe支付處理
+- 捐款記錄管理
+
+### 📊 營養儀表板
+- 個人營養攝取統計
+- 飲食習慣分析
+- 家庭成員健康監控
+
+## 技術架構
+
+### 核心技術棧
+- **FastAPI** - 高性能異步API框架
+- **SQLModel** - Python ORM與數據建模
+- **PostgreSQL** - 主數據庫（通過Supabase）
+- **pgvector** - 向量搜索支持
+- **Supabase** - 認證、數據庫和向量存儲
+- **OpenAI** - AI模型和向量嵌入
+- **LangChain** - RAG實現框架
+- **Stripe** - 支付處理
+- **Gradio** - 聊天界面
+
+### 系統架構
+```
+┌─────────────────┐    ┌─────────────────┐    ┌─────────────────┐
+│   Frontend      │    │   Backend API   │    │   External      │
+│   (React/Vue)   │◄──►│   (FastAPI)     │◄──►│   Services      │
+└─────────────────┘    └─────────────────┘    └─────────────────┘
+                              │
+                              ▼
+                       ┌─────────────────┐
+                       │   Database      │
+                       │   (Supabase     │
+                       │   PostgreSQL)   │
+                       └─────────────────┘
+```
+
+## 快速開始
+
+### 前置要求
+
+- Python 3.8+
+- PostgreSQL 13+ (通過Supabase)
+- Supabase項目
+- OpenAI API Key
+- Stripe賬戶
+
+### 環境變量配置
+
+複製 `.env.example` 到 `.env` 並填入以下配置：
+
+```bash
+# Supabase Configuration
+SUPABASE_URL=your_supabase_project_url
+SUPABASE_SERVICE_ROLE_KEY=your_supabase_service_role_key
+SUPABASE_ANON_KEY=your_supabase_anon_key
+
+# Database URL for pgvector (Supabase PostgreSQL)
+DATABASE_URL=postgresql+asyncpg://postgres:[YOUR_PASSWORD]@db.[YOUR_PROJECT_ID].supabase.co:5432/postgres
+
+# OpenAI Configuration
+OPENAI_API_KEY=your_openai_api_key
+
+# Stripe Configuration
+STRIPE_SECRET_KEY=sk_test_your_stripe_secret_key
+STRIPE_PUBLISHABLE_KEY=pk_test_your_stripe_publishable_key
+STRIPE_WEBHOOK_SECRET=whsec_your_stripe_webhook_secret
+
+# JWT Secret (if using custom JWT handling)
+JWT_SECRET=your_jwt_secret_key
+
+# Environment
+ENVIRONMENT=development
+
+# CORS Origins (comma-separated)
+CORS_ORIGINS=http://localhost:3000,http://localhost:5173
+
+# Frontend URL for redirects
+FRONTEND_URL=http://localhost:5173
+
+# Server Configuration
+HOST=0.0.0.0
+PORT=8000
+```
+
+### 安裝依賴
+
+```bash
+# 克隆項目
+git clone <repository-url>
+cd silver-table-assistant/backend
+
+# 創建虛擬環境
+python -m venv venv
+source venv/bin/activate  # Linux/Mac
+# 或 venv\Scripts\activate  # Windows
+
+# 安裝依賴
+pip install -r requirements.txt
+```
+
+### 啟動服務
+
+#### 開發模式
+```bash
+# 啟動FastAPI服務（自動重載）
+python app.py
+
+# 或使用uvicorn
+uvicorn app:app --reload --host 0.0.0.0 --port 8000
+```
+
+#### 生產模式
+```bash
+# 使用uvicorn生產配置
+uvicorn app:app --host 0.0.0.0 --port 8000 --workers 4
+```
+
+### 訪問應用
+
+- **API文檔**: http://localhost:8000/api/docs
+- **ReDoc文檔**: http://localhost:8000/api/redoc
+- **Gradio聊天界面**: http://localhost:8000/
+- **健康檢查**: http://localhost:8000/health
+
+## API文檔
+
+### 身份驗證
+
+所有需要認證的端點都需要在請求頭中包含JWT token：
+
+```http
+Authorization: Bearer <your-jwt-token>
+```
+
+### 主要端點
+
+#### 用戶資料
+- `GET /api/profiles` - 獲取用戶資料列表
+- `POST /api/profiles` - 創建或更新用戶��料
+
+#### 聊天諮詢
+- `POST /api/chat` - AI聊天諮詢（需要認證）
+- `GET /` - Gradio聊天界面（無需認證）
+
+#### 菜單管理
+- `GET /api/menu` - 獲取完整菜單
+
+#### 訂單管理
+- `POST /api/orders` - 創建新訂單（需要認證）
+
+#### 捐款系統
+- `POST /api/donations` - 創建捐款（支持匿名）
+
+#### 支付處理
+- `POST /api/webhook` - Stripe支付回調
+
+#### 儀表板
+- `GET /api/dashboard/{profile_id}` - 獲取營養統計（需要family角色）
+
+### 請求/響應範例
+
+#### 創建用戶資料
+```bash
+curl -X POST "http://localhost:8000/api/profiles" \
+  -H "Authorization: Bearer <token>" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "display_name": "張爺爺",
+    "age": 75,
+    "health_condition": "高血壓",
+    "dietary_restrictions": "低鈉飲食"
+  }'
+```
+
+#### AI聊天諮詢
+```bash
+curl -X POST "http://localhost:8000/api/chat" \
+  -H "Authorization: Bearer <token>" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "message": "請問銀髮族應該如何補充蛋白質？",
+    "profile_id": "uuid-string"
+  }'
+```
+
+## 數據庫架構
+
+### 主要數據表
+
+#### profiles
+用戶資料表，存儲個人信息和健康狀況。
+
+#### orders
+訂單表，記錄食物訂購和支付信息。
+
+#### donations
+捐款表，管理捐款信息和狀態。
+
+#### menu_items
+菜單項目表，存儲餐點信息和營養數據。
+
+#### chat_conversations
+聊天記錄表，存儲用戶與AI的對話歷史。
+
+### 數據庫初始化
+
+系統會在啟動時自動創建所需的數據表結構。確保Supabase項目已啟用pgvector擴展：
+
+```sql
+-- 在Supabase SQL Editor中執行
+CREATE EXTENSION IF NOT EXISTS vector;
+```
+
+## 部署指南
+
+### Hugging Face Spaces 部署
+
+1. **準備部署文件**
+   ```bash
+   # 創建部署所需文件
+   touch README.md
+   echo "fastapi>=0.104.0" > requirements.txt
+   echo "uvicorn[standard]>=0.24.0" >> requirements.txt
+   # 添加其他必要依賴
+   ```
+
+2. **配置環境變量**
+   在Hugging Face Spaces設置中添加所有必要的環境變量。
+
+3. **創建入口文件**
+   確保項目根目錄有適當的啟動配置。
+
+### Docker 部署
+
+#### Dockerfile
+```dockerfile
+FROM python:3.9-slim
+
+WORKDIR /app
+
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+COPY . .
+
+EXPOSE 8000
+
+CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "8000"]
+```
+
+#### docker-compose.yml
+```yaml
+version: '3.8'
+services:
+  backend:
+    build: .
+    ports:
+      - "8000:8000"
+    environment:
+      - ENVIRONMENT=production
+    env_file:
+      - .env
+```
+
+#### 構建和運行
+```bash
+docker-compose up --build
+```
+
+### 雲平台部署
+
+#### Railway
+1. 連接GitHub倉庫
+2. 配置環境變量
+3. 設置啟動命令：`uvicorn app:app --host 0.0.0.0 --port $PORT`
+
+#### Render
+1. 連接GitHub倉庫
+2. 設置構建命令：`pip install -r requirements.txt`
+3. 設置啟動命令：`uvicorn app:app --host 0.0.0.0 --port $PORT`
+
+#### Heroku
+```bash
+# 創建Procfile
+echo "web: uvicorn app:app --host 0.0.0.0 --port \$PORT" > Procfile
+
+# 部署
+git add .
+git commit -m "Deploy to Heroku"
+git push heroku main
+```
+
+## 監控與日誌
+
+### 日誌配置
+
+系統使用Python標準日誌庫，日誌級別可通過環境變量配置：
+
+```bash
+LOG_LEVEL=INFO  # DEBUG, INFO, WARNING, ERROR
+```
+
+### 健康檢查
+
+- `GET /health` - 服務健康狀態檢查
+- 返回服務狀態、版本信息和數據庫連接狀態
+
+### 監控建議
+
+- 使用Prometheus + Grafana監控API性能
+- 設置Supabase數據庫性能監控
+- 配置Stripe支付監控和告警
+
+## 安全考量
+
+### 身份驗證
+- JWT token過期機制
+- Supabase Auth集成
+- 角色基礎訪問控制
+
+### 數據保護
+- 敏感數據加密存儲
+- HTTPS強制使用
+- CORS配置優化
+
+### API安全
+- 請求頻率限制
+- 輸入數據驗證
+- SQL注入防護
+
+## 故障排除
+
+### 常見問題
+
+1. **數據庫連接失敗**
+   - 檢查Supabase URL和密鑰
+   - 確認pgvector擴展已啟用
+
+2. **OpenAI API錯誤**
+   - 驗證API密鑰有效性
+   - 檢查API配額限制
+
+3. **Stripe支付問題**
+   - 確認Webhook URL配置正確
+   - 驗證Stripe密鑰設置
+
+4. **Gradio界面無法訪問**
+   - 檢查端口配置
+   - 確認CORS設置
+
+### 調試模式
+
+```bash
+# 啟用詳細日誌
+export LOG_LEVEL=DEBUG
+python app.py
+
+# 或使用uvicorn
+uvicorn app:app --reload --log-level debug
+```
+
+## 貢獻指南
+
+### 開發流程
+1. Fork項目
+2. 創建功能分支
+3. 提交變更
+4. 創建Pull Request
+
+### 代碼規範
+- 遵循PEP 8 Python代碼風格
+- 添加適當的文檔字符串
+- 編寫單元測試
+
+### 測試
+```bash
+# 運行測試
+pytest tests/
+
+# 測試覆蓋率
+pytest --cov=app tests/
+```
+
+## 許可證
+
+本項目採用MIT許可證 - 查看 [LICENSE](LICENSE) 文件了解詳情。
+
+## 聯繫方式
+
+- 項目作者：銀髮餐桌助手團隊
+- 技術���持：通過GitHub Issues
+- 文檔更新：歡迎提交PR
+
 ---
 
-Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
+**重要提醒**：本系統僅提供營養建議，無法替代專業醫療諮詢。如有健康問題，請諮詢專業醫師。

app.py

@@ -0,0 +1,649 @@
+"""
+Main FastAPI application for Silver Table Assistant backend.
+Provides REST API endpoints and Gradio interface for AI-powered nutrition consultation.
+"""
+
+import os
+import logging
+from typing import List, Optional, Dict, Any
+from uuid import UUID
+import asyncio
+
+# Load environment variables from .env file
+from dotenv import load_dotenv
+load_dotenv()
+
+# FastAPI imports
+from fastapi import FastAPI, Request, HTTPException, Depends, status
+from fastapi.exceptions import RequestValidationError
+from fastapi.responses import JSONResponse
+from fastapi.middleware.cors import CORSMiddleware
+from fastapi.responses import StreamingResponse, JSONResponse
+from fastapi.staticfiles import StaticFiles
+
+# Database imports
+from sqlalchemy.ext.asyncio import AsyncSession
+
+# Import local modules
+from database import create_db_and_tables, get_session
+from models import Profile, Order, Donation, MenuItem, ChatConversation
+from schemas import (
+    ProfileCreate, ProfileUpdate, ProfileRead,
+    OrderCreate, OrderUpdate, OrderRead,
+    DonationCreate, DonationUpdate, DonationRead,
+    ChatRequest, ChatResponse,
+    MenuItemRead, APIResponse, HealthCheck
+)
+from dependencies import get_current_user, get_optional_user, require_roles, User
+from exceptions import SilverTableException, PaymentException
+from exceptions import handle_payment_error
+from crud import (
+    get_profiles_by_user, create_profile, update_profile, delete_profile,
+    create_order, get_orders_by_profile,
+    create_donation, update_donation_status,
+    get_menu_items, get_dashboard_stats
+)
+from menu_data import get_menu_items, get_menu_item_by_id
+from config import settings
+
+# Import service modules
+from chat_service import chat_stream, get_chat_service
+from stripe_service import create_checkout_session_for_order, create_checkout_session_for_donation, handle_webhook
+
+# Gradio imports
+import gradio as gr
+
+# Configure logging
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+# ====== Lifespan Event Handler ======
+
+from contextlib import asynccontextmanager
+
+@asynccontextmanager
+async def lifespan(app: FastAPI):
+    """Handle application startup and shutdown events."""
+    # Startup logic
+    logger.info("Starting up Silver Table Assistant backend...")
+    
+    # Try to create database tables, but continue if it fails (tables might already exist)
+    try:
+        await create_db_and_tables()
+        logger.info("Database tables created/verified successfully")
+    except Exception as e:
+        logger.warning(f"Database initialization warning (continuing anyway): {str(e)}")
+    
+    # Yield control to the application
+    yield
+    
+    # Shutdown logic
+    logger.info("Shutting down Silver Table Assistant backend...")
+
+# Initialize FastAPI app with lifespan handler
+app = FastAPI(
+    title="銀髮餐桌助手 API",
+    description="專為台灣銀髮族設計的AI營養飲食顧問服務",
+    version=settings.api_version,
+    docs_url="/api/docs",
+    redoc_url="/api/redoc",
+    lifespan=lifespan
+)
+
+
+# Custom exception handlers for consistent API responses
+
+
+@app.exception_handler(RequestValidationError)
+async def validation_exception_handler(request: Request, exc: RequestValidationError):
+    return JSONResponse(
+        status_code=status.HTTP_422_UNPROCESSABLE_ENTITY,
+        content={"success": False, "message": "Request validation error", "details": exc.errors()}
+    )
+
+
+@app.exception_handler(SilverTableException)
+async def silvertable_exception_handler(request: Request, exc: SilverTableException):
+    # Return 400 for known application errors with friendly message
+    return JSONResponse(
+        status_code=status.HTTP_400_BAD_REQUEST,
+        content={"success": False, "message": exc.message, "details": exc.details}
+    )
+
+
+@app.exception_handler(PaymentException)
+async def payment_exception_handler(request: Request, exc: PaymentException):
+    # Return 400 for payment-related errors with friendly message
+    return JSONResponse(
+        status_code=status.HTTP_400_BAD_REQUEST,
+        content={"success": False, "message": exc.message, "details": exc.details}
+    )
+
+# CORS middleware configuration
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=settings.cors_origins,
+    allow_credentials=True,
+    allow_methods=["*"],
+    allow_headers=["*"],
+)
+
+# ====== Health Check Endpoint ======
+
+@app.get("/health", response_model=HealthCheck)
+async def health_check():
+    """Health check endpoint for monitoring service status."""
+    return HealthCheck(
+        status="healthy",
+        timestamp=settings.get_current_timestamp(),
+        version=settings.api_version,
+        database="connected"
+    )
+
+
+# ====== Profile Management Endpoints ======
+
+@app.get("/api/profiles", response_model=List[ProfileRead])
+async def get_profiles(
+    current_user: User = Depends(get_current_user),
+    db: AsyncSession = Depends(get_session)
+):
+    """Get all profiles for the current authenticated user."""
+    try:
+        profiles = await get_profiles_by_user(db, current_user.user_id)
+        return profiles
+    except Exception as e:
+        logger.error(f"Error fetching profiles: {str(e)}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Failed to fetch profiles"
+        )
+
+
+@app.post("/api/profiles", response_model=ProfileRead, status_code=status.HTTP_201_CREATED)
+async def create_user_profile(
+    profile_data: ProfileCreate,
+    current_user: User = Depends(get_current_user),
+    db: AsyncSession = Depends(get_session)
+):
+    """Create or update a profile for the current authenticated user."""
+    try:
+        if profile_data.id:
+            # Update specific profile
+            profile = await update_profile(db, profile_data.id, profile_data)
+            if not profile:
+                # If ID was provided but not found, maybe it was deleted, create new
+                profile = await create_profile(db, profile_data, current_user.user_id)
+        else:
+            # Create new profile
+            profile = await create_profile(db, profile_data, current_user.user_id)
+        
+        return profile
+    except Exception as e:
+        logger.error(f"Error creating/updating profile: {str(e)}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Failed to create/update profile"
+        )
+
+
+@app.put("/api/profiles/{profile_id}", response_model=ProfileRead)
+async def update_user_profile(
+    profile_id: str,
+    profile_data: ProfileUpdate,
+    current_user: User = Depends(get_current_user),
+    db: AsyncSession = Depends(get_session)
+):
+    """
+    Update a specific profile by ID.
+    Requires authentication.
+    """
+    try:
+        # Validate profile_id format
+        try:
+            profile_uuid = UUID(profile_id)
+        except ValueError:
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="Invalid profile ID format"
+            )
+        
+        # Update the profile
+        profile = await update_profile(db, profile_uuid, profile_data)
+        
+        if not profile:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail="Profile not found"
+            )
+        
+        return profile
+    except HTTPException:
+        raise
+    except Exception as e:
+        logger.error(f"Error updating profile {profile_id}: {str(e)}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Failed to update profile"
+        )
+
+
+@app.delete("/api/profiles/{profile_id}", response_model=APIResponse)
+async def delete_user_profile(
+    profile_id: str,
+    current_user: User = Depends(get_current_user),
+    db: AsyncSession = Depends(get_session)
+):
+    """
+    Delete a specific profile by ID.
+    Requires authentication.
+    """
+    try:
+        # Validate profile_id format
+        try:
+            profile_uuid = UUID(profile_id)
+        except ValueError:
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="Invalid profile ID format"
+            )
+        
+        # Delete the profile
+        deleted = await delete_profile(db, profile_uuid)
+        
+        if not deleted:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail="Profile not found"
+            )
+        
+        return APIResponse(
+            success=True,
+            message="Profile deleted successfully",
+            data={"profile_id": profile_id}
+        )
+    except HTTPException:
+        raise
+    except Exception as e:
+        logger.error(f"Error deleting profile {profile_id}: {str(e)}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Failed to delete profile"
+        )
+
+
+# ====== Chat Endpoints ======
+
+class ChatRequestWithProfile(ChatRequest):
+    """Extended chat request schema with profile_id."""
+    profile_id: Optional[str] = None
+
+
+@app.post("/api/chat")
+async def chat_with_assistant(
+    request: ChatRequestWithProfile,
+    current_user: User = Depends(get_current_user),
+    db: AsyncSession = Depends(get_session)
+):
+    """
+    Chat with the AI nutrition assistant.
+    Requires authentication and can use profile_id for personalized responses.
+    """
+    try:
+        # Get or use provided profile_id
+        profile_id = request.profile_id
+        if not profile_id:
+            # Get user's first profile for personalization
+            profiles = await get_profiles_by_user(db, current_user.user_id)
+            if profiles:
+                profile_id = str(profiles[0].id)
+        
+        # Create streaming response
+        return StreamingResponse(
+            chat_stream(
+                message=request.message,
+                profile_id=profile_id,
+                history=[{"role": "user", "content": request.message}]  # Simplified history
+            ),
+            media_type="text/plain",
+            headers={
+                "Cache-Control": "no-cache",
+                "Connection": "keep-alive",
+                "Transfer-Encoding": "chunked"
+            }
+        )
+    except Exception as e:
+        logger.error(f"Error in chat endpoint: {str(e)}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Chat service temporarily unavailable"
+        )
+
+
+# ====== Menu Endpoints ======
+
+@app.get("/api/menu", response_model=List[Dict[str, Any]])
+async def get_menu():
+    """Get the complete menu of available food items."""
+    try:
+        menu_items = get_menu_items()
+        return menu_items
+    except Exception as e:
+        logger.error(f"Error fetching menu: {str(e)}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Failed to fetch menu"
+        )
+
+
+@app.get("/api/menu/{item_id}", response_model=Dict[str, Any])
+async def get_menu_item(item_id: int):
+    """
+    Get a specific menu item by ID.
+    
+    Returns the menu item with all details including nutrition information.
+    """
+    try:
+        menu_item = get_menu_item_by_id(item_id)
+        return menu_item
+    except ValueError:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=f"Menu item with ID {item_id} not found"
+        )
+    except Exception as e:
+        logger.error(f"Error fetching menu item {item_id}: {str(e)}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Failed to fetch menu item"
+        )
+
+
+# ====== Order Management Endpoints ======
+
+@app.post("/api/orders", response_model=OrderRead)
+async def create_order_endpoint(
+    order_data: OrderCreate,
+    current_user: User = Depends(get_current_user),
+    db: AsyncSession = Depends(get_session)
+):
+    """Create a new food order and initiate Stripe checkout."""
+    try:
+        # Get user's profile
+        profiles = await get_profiles_by_user(db, current_user.user_id)
+        if not profiles:
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="User profile required to create order"
+            )
+        
+        profile = profiles[0]
+        
+        # Create order in database
+        order = await create_order(db, order_data, profile.id)
+        
+        # Create Stripe checkout session
+        checkout_url = create_checkout_session_for_order(order)
+        
+        # Update order with Stripe session ID
+        from crud import update_order_status
+        await update_order_status(db, order.id, "pending", checkout_url.split('/')[-1])
+        
+        return {
+            "id": order.id,
+            "profile_id": order.profile_id,
+            "items": order.items,
+            "total_amount": order.total_amount,
+            "status": "pending",
+            "stripe_session_id": checkout_url.split('/')[-1],
+            "created_at": order.created_at,
+            "updated_at": order.updated_at,
+            "checkout_url": checkout_url
+        }
+    except Exception as e:
+        logger.error(f"Error creating order: {str(e)}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Failed to create order"
+        )
+
+
+# ====== Donation Endpoints ======
+
+@app.post("/api/donations", response_model=DonationRead)
+async def create_donation_endpoint(
+    donation_data: DonationCreate,
+    current_user: Optional[User] = Depends(get_optional_user),
+    db: AsyncSession = Depends(get_session)
+):
+    """
+    Create a new donation and initiate Stripe checkout.
+    Supports both authenticated and anonymous donations.
+    """
+    try:
+        # Validate donation minimum amount (donation_data.amount is in cents)
+        min_amount_cents = int(settings.MIN_DONATION_AMOUNT * 100)
+        if donation_data.amount < min_amount_cents:
+            raise PaymentException(f"捐款金額必須至少為 NT${settings.MIN_DONATION_AMOUNT} 元")
+
+        # Create donation in database
+        donation = await create_donation(db, donation_data)
+
+        # Create Stripe checkout session
+        checkout_url = create_checkout_session_for_donation(donation)
+        
+        # Update donation with Stripe session ID
+        await update_donation_status(db, donation.id, "pending", checkout_url.split('/')[-1])
+        
+        # Return the donation object with checkout URL added
+        return {
+            **donation.__dict__,
+            "checkout_url": checkout_url
+        }
+    except Exception as e:
+        logger.error(f"Error creating donation: {str(e)}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Failed to create donation"
+        )
+
+
+# ====== Stripe Webhook Endpoints ======
+
+@app.post("/api/webhook")
+async def stripe_webhook(request: Request):
+    """Handle Stripe webhook events for payment confirmation."""
+    try:
+        payload = await request.body()
+        sig_header = request.headers.get("stripe-signature")
+        
+        if not sig_header:
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="Missing Stripe signature header"
+            )
+        
+        # Handle webhook
+        result = handle_webhook(payload, sig_header)
+        
+        return JSONResponse(
+            status_code=200,
+            content={"status": "success", "result": result}
+        )
+    except Exception as e:
+        logger.error(f"Webhook error: {str(e)}")
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Webhook processing failed"
+        )
+
+
+@app.post("/api/stripe/webhook")
+async def stripe_webhook_endpoint(request: Request):
+    """Handle Stripe webhook events for payment confirmation.
+    
+    This endpoint specifically handles Stripe webhook events with proper signature verification
+    and supports events like checkout.session.completed, payment_intent.succeeded, etc.
+    
+    Expected webhook signing secret: STRIPE_WEBHOOK_SECRET environment variable
+    """
+    try:
+        # Get the raw payload and signature header
+        payload = await request.body()
+        sig_header = request.headers.get("stripe-signature")
+        
+        if not sig_header:
+            logger.error("Missing Stripe signature header in webhook request")
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="Missing Stripe signature header"
+            )
+        
+        logger.info(f"Processing Stripe webhook with signature: {sig_header[:20]}...")
+        
+        # Use the existing webhook handler from stripe_service
+        result = handle_webhook(payload, sig_header)
+        
+        logger.info(f"Webhook processed successfully: {result.get('status', 'unknown')}")
+        
+        return JSONResponse(
+            status_code=200,
+            content={
+                "status": "success", 
+                "message": "Webhook processed successfully",
+                "result": result
+            }
+        )
+        
+    except Exception as e:
+        logger.error(f"Stripe webhook error: {str(e)}")
+        
+        # Return appropriate error response based on exception type
+        if "Invalid webhook signature" in str(e):
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="Invalid webhook signature"
+            )
+        else:
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail=f"Webhook processing failed: {str(e)}"
+            )
+
+
+# ====== Dashboard Endpoints ======
+
+@app.get("/api/dashboard/{profile_id}")
+async def get_user_dashboard(
+    profile_id: str,
+    current_user: User = Depends(require_roles(["family", "admin"])),
+    db: AsyncSession = Depends(get_session)
+):
+    """
+    Get nutrition dashboard data for a specific profile.
+    Requires family role or admin permissions.
+    """
+    try:
+        # Validate profile_id format
+        try:
+            profile_uuid = UUID(profile_id)
+        except ValueError:
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="Invalid profile ID format"
+            )
+        
+        # Get dashboard statistics
+        stats = await get_dashboard_stats(db, profile_uuid)
+        
+        return stats
+    except Exception as e:
+        logger.error(f"Error fetching dashboard data: {str(e)}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Failed to fetch dashboard data"
+        )
+
+
+# ====== Gradio Chat Interface ======
+
+async def gradio_chat(message: str, history: List[Dict[str, str]]):
+    """
+    Adapt chat_service.chat_stream to Gradio's expected format.
+    """
+    try:
+        chat_service = get_chat_service()
+        response = ""
+        # In Gradio 6.x, history is already a list of dictionaries with 'role' and 'content'
+        async for chunk in chat_service.chat_stream(message, history=history):
+            response += chunk
+            yield response
+    except Exception as e:
+        logger.error(f"Error in Gradio chat: {str(e)}")
+        yield "抱歉，系統暫時無法回應。請稍後再試。"
+
+
+# Create Gradio interface
+with gr.Blocks(title="銀髮餐桌助手", theme=gr.themes.Soft()) as gradio_demo:
+    gr.Markdown(
+        """
+        # 銀髮餐桌助手 🥄
+        
+        專為台灣銀髮族設計的AI營養飲食顧問
+        
+        **功能特色：**
+        - 個人化營養建議
+        - 健康飲食指導
+        - 在地食材推薦
+        - 專業營養諮詢
+        
+        **使用說明：**
+        無需登入即可開始對話，系統會根據您的健康狀況提供個人化建議。
+        """
+    )
+    
+    chatbot = gr.ChatInterface(
+        fn=gradio_chat,
+        type="messages",
+        title="營養飲食諮詢",
+        description="請輸入您的問題，例如：",
+        examples=[
+            "請問銀髮族應該如何補充蛋白質？",
+            "我爸爸有糖尿病，飲食上有什麼需要注意的？",
+            "推薦一些適合銀髮族的早餐選項",
+            "什麼食物對骨骼健康有好處？",
+            "如何製作軟嫩的料理？"
+        ]
+    )
+    
+    gr.Markdown(
+        """
+        ---
+        
+        **重要提醒：**
+        - 本系統僅提供營養建議，無法替代專業醫療諮詢
+        - 如有健康問題，請諮詢專業醫師
+        - 建議遵循台灣衛福部的營養指導原則
+        """
+    )
+
+
+# Mount Gradio app to FastAPI
+app = gr.mount_gradio_app(app, gradio_demo, path="/")
+
+
+# ====== Main Entry Point ======
+
+if __name__ == "__main__":
+    import uvicorn
+    
+    logger.info(f"Starting Silver Table Assistant backend on {settings.host}:{settings.port}")
+    
+    # Run the application
+    uvicorn.run(
+        "app:app",
+        host=settings.host,
+        port=settings.port,
+        reload=settings.is_development(),
+        log_level="info"
+    )

cache.py

@@ -0,0 +1,249 @@
+"""
+Caching module for Silver Table Assistant.
+Provides in-memory caching for performance optimization.
+"""
+
+import time
+import hashlib
+import json
+from typing import Any, Optional, Dict, Callable
+from functools import wraps
+import asyncio
+
+
+class Cache:
+    """Simple in-memory cache with TTL support."""
+    
+    def __init__(self, default_ttl: int = 3600):  # 1 hour default TTL
+        self._cache: Dict[str, Dict[str, Any]] = {}
+        self.default_ttl = default_ttl
+    
+    def _generate_key(self, prefix: str, *args, **kwargs) -> str:
+        """Generate a cache key from function arguments."""
+        # Convert args and kwargs to a sorted string representation
+        key_data = {
+            "args": args,
+            "kwargs": kwargs
+        }
+        key_string = json.dumps(key_data, sort_keys=True, default=str)
+        key_hash = hashlib.md5(key_string.encode()).hexdigest()
+        return f"{prefix}:{key_hash}"
+    
+    def get(self, key: str) -> Optional[Any]:
+        """Get value from cache if not expired."""
+        if key in self._cache:
+            cache_entry = self._cache[key]
+            if time.time() < cache_entry["expires_at"]:
+                return cache_entry["value"]
+            else:
+                # Remove expired entry
+                del self._cache[key]
+        return None
+    
+    def set(self, key: str, value: Any, ttl: Optional[int] = None) -> None:
+        """Set value in cache with TTL."""
+        ttl = ttl or self.default_ttl
+        self._cache[key] = {
+            "value": value,
+            "expires_at": time.time() + ttl
+        }
+    
+    def delete(self, key: str) -> None:
+        """Delete key from cache."""
+        if key in self._cache:
+            del self._cache[key]
+    
+    def clear(self) -> None:
+        """Clear all cache entries."""
+        self._cache.clear()
+    
+    def cleanup_expired(self) -> int:
+        """Remove all expired entries and return count removed."""
+        current_time = time.time()
+        expired_keys = [
+            key for key, entry in self._cache.items()
+            if current_time >= entry["expires_at"]
+        ]
+        
+        for key in expired_keys:
+            del self._cache[key]
+        
+        return len(expired_keys)
+    
+    def get_stats(self) -> Dict[str, Any]:
+        """Get cache statistics."""
+        current_time = time.time()
+        total_entries = len(self._cache)
+        expired_entries = sum(
+            1 for entry in self._cache.values()
+            if current_time >= entry["expires_at"]
+        )
+        
+        return {
+            "total_entries": total_entries,
+            "active_entries": total_entries - expired_entries,
+            "expired_entries": expired_entries,
+            "cache_hit_potential": "high" if total_entries > 100 else "medium" if total_entries > 10 else "low"
+        }
+
+
+# Global cache instances
+document_cache = Cache(default_ttl=1800)  # 30 minutes for document queries
+nutrition_cache = Cache(default_ttl=3600)  # 1 hour for nutrition calculations
+user_context_cache = Cache(default_ttl=900)  # 15 minutes for user context
+
+
+def cache_result(cache_instance: Cache, prefix: str, ttl: Optional[int] = None):
+    """Decorator to cache function results."""
+    
+    def decorator(func: Callable):
+        @wraps(func)
+        async def async_wrapper(*args, **kwargs):
+            # Generate cache key
+            cache_key = cache_instance._generate_key(prefix, *args, **kwargs)
+            
+            # Try to get from cache
+            cached_result = cache_instance.get(cache_key)
+            if cached_result is not None:
+                return cached_result
+            
+            # Execute function and cache result
+            if asyncio.iscoroutinefunction(func):
+                result = await func(*args, **kwargs)
+            else:
+                result = func(*args, **kwargs)
+            
+            cache_instance.set(cache_key, result, ttl)
+            return result
+        
+        @wraps(func)
+        def sync_wrapper(*args, **kwargs):
+            # Generate cache key
+            cache_key = cache_instance._generate_key(prefix, *args, **kwargs)
+            
+            # Try to get from cache
+            cached_result = cache_instance.get(cache_key)
+            if cached_result is not None:
+                return cached_result
+            
+            # Execute function and cache result
+            result = func(*args, **kwargs)
+            cache_instance.set(cache_key, result, ttl)
+            return result
+        
+        # Choose wrapper based on function type
+        if asyncio.iscoroutinefunction(func):
+            return async_wrapper
+        else:
+            return sync_wrapper
+    
+    return decorator
+
+
+class NutritionCache:
+    """Specialized cache for nutrition calculations."""
+    
+    @staticmethod
+    def get_menu_item_nutrition(menu_item_id: int) -> Optional[Dict[str, Any]]:
+        """Get cached nutrition data for a menu item."""
+        key = f"nutrition:menu_item:{menu_item_id}"
+        return nutrition_cache.get(key)
+    
+    @staticmethod
+    def set_menu_item_nutrition(menu_item_id: int, nutrition_data: Dict[str, Any], ttl: Optional[int] = None) -> None:
+        """Cache nutrition data for a menu item."""
+        key = f"nutrition:menu_item:{menu_item_id}"
+        nutrition_cache.set(key, nutrition_data, ttl)
+    
+    @staticmethod
+    def get_user_nutrition_summary(user_id: str, days: int = 7) -> Optional[Dict[str, Any]]:
+        """Get cached nutrition summary for a user."""
+        key = f"nutrition:summary:{user_id}:{days}"
+        return nutrition_cache.get(key)
+    
+    @staticmethod
+    def set_user_nutrition_summary(user_id: str, days: int, summary_data: Dict[str, Any], ttl: Optional[int] = None) -> None:
+        """Cache nutrition summary for a user."""
+        key = f"nutrition:summary:{user_id}:{days}"
+        nutrition_cache.set(key, summary_data, ttl)
+    
+    @staticmethod
+    def invalidate_user_nutrition(user_id: str) -> None:
+        """Invalidate all nutrition cache for a user."""
+        # Remove all nutrition-related entries for this user
+        keys_to_remove = [
+            key for key in nutrition_cache._cache.keys()
+            if key.startswith(f"nutrition:summary:{user_id}")
+        ]
+        for key in keys_to_remove:
+            nutrition_cache.delete(key)
+
+
+class DocumentCache:
+    """Specialized cache for document queries."""
+    
+    @staticmethod
+    def get_relevant_documents(query: str, k: int, score_threshold: Optional[float] = None) -> Optional[list]:
+        """Get cached document search results."""
+        threshold_key = f":{score_threshold}" if score_threshold else ""
+        key = f"documents:query:{hashlib.md5(query.encode()).hexdigest()}:k{k}{threshold_key}"
+        return document_cache.get(key)
+    
+    @staticmethod
+    def set_relevant_documents(query: str, k: int, documents: list, score_threshold: Optional[float] = None, ttl: Optional[int] = None) -> None:
+        """Cache document search results."""
+        threshold_key = f":{score_threshold}" if score_threshold else ""
+        key = f"documents:query:{hashlib.md5(query.encode()).hexdigest()}:k{k}{threshold_key}"
+        document_cache.set(key, documents, ttl)
+    
+    @staticmethod
+    def invalidate_document_cache() -> None:
+        """Invalidate all document cache entries."""
+        document_cache.clear()
+
+
+class UserContextCache:
+    """Specialized cache for user context data."""
+    
+    @staticmethod
+    def get_user_context(user_id: str) -> Optional[Dict[str, Any]]:
+        """Get cached user context."""
+        key = f"context:user:{user_id}"
+        return user_context_cache.get(key)
+    
+    @staticmethod
+    def set_user_context(user_id: str, context_data: Dict[str, Any], ttl: Optional[int] = None) -> None:
+        """Cache user context data."""
+        key = f"context:user:{user_id}"
+        user_context_cache.set(key, context_data, ttl)
+    
+    @staticmethod
+    def invalidate_user_context(user_id: str) -> None:
+        """Invalidate user context cache."""
+        key = f"context:user:{user_id}"
+        user_context_cache.delete(key)
+
+
+# Cache management utilities
+def get_cache_stats() -> Dict[str, Any]:
+    """Get statistics for all caches."""
+    return {
+        "document_cache": document_cache.get_stats(),
+        "nutrition_cache": nutrition_cache.get_stats(),
+        "user_context_cache": user_context_cache.get_stats()
+    }
+
+
+def cleanup_all_caches() -> Dict[str, int]:
+    """Clean up expired entries from all caches."""
+    return {
+        "document_cache": document_cache.cleanup_expired(),
+        "nutrition_cache": nutrition_cache.cleanup_expired(),
+        "user_context_cache": user_context_cache.cleanup_expired()
+    }
+
+
+def invalidate_user_cache(user_id: str) -> None:
+    """Invalidate all cache entries for a specific user."""
+    NutritionCache.invalidate_user_nutrition(user_id)
+    UserContextCache.invalidate_user_context(user_id)

chat_service.py

@@ -0,0 +1,445 @@
+"""
+Chat service for Silver Table Assistant.
+Provides AI-powered chat functionality with RAG integration and user context.
+"""
+
+import os
+import logging
+from typing import List, Dict, Any, Optional, AsyncGenerator
+from uuid import UUID
+
+from langchain_openai import ChatOpenAI
+from langchain_core.messages import HumanMessage, SystemMessage, AIMessage
+from langchain_core.prompts import ChatPromptTemplate, MessagesPlaceholder
+
+import asyncio
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from rag import get_rag_service
+from crud import get_profile
+from models import ChatConversation, Profile
+from database import get_db_session
+from config import settings
+
+# Configure logging
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+
+class ChatService:
+    """Chat service for AI-powered conversations with RAG integration."""
+    
+    def __init__(self):
+        """Initialize chat service with LiteLLM or OpenAI Chat model."""
+        # Environment variables
+        self.openai_api_key = os.getenv("OPENAI_API_KEY") or os.getenv("LITELLM_API_KEY", "sk-eT_04m428oAPUD5kUmIhVA")
+        self.openai_base_url = os.getenv("OPENAI_BASE_URL") or os.getenv("LITELLM_BASE_URL", "https://litellm-ekkks8gsocw.dgx-coolify.apmic.ai/")
+        
+        if not self.openai_api_key:
+            raise ValueError("Missing required environment variable: OPENAI_API_KEY or LITELLM_API_KEY")
+        
+        # Initialize ChatOpenAI model (works with LiteLLM compatible endpoints)
+        model_kwargs = {
+            "model": settings.ai_model_name,
+            "openai_api_key": self.openai_api_key,
+            "temperature": settings.ai_temperature,
+            "max_tokens": settings.ai_max_tokens,
+        }
+        
+        # Add base_url for LiteLLM or Azure OpenAI
+        if self.openai_base_url:
+            model_kwargs["openai_api_base"] = self.openai_base_url
+        
+        self.llm = ChatOpenAI(**model_kwargs)
+        logger.info(f"Initialized ChatOpenAI with base_url: {self.openai_base_url}, model: {settings.ai_model_name}")
+        
+        # System prompt for the silver table assistant
+        self.system_prompt = self._create_system_prompt()
+        
+        # RAG service
+        self.rag_service = get_rag_service()
+    
+    def _create_system_prompt(self) -> str:
+        """
+        Create the system prompt for the silver table assistant.
+        
+        Returns:
+            System prompt string
+        """
+        return """你是「銀髮餐桌助手」，專為台灣銀髮族設計的AI營養飲食顧問助手。
+
+角色定位：
+- 你是一位溫暖、耐心、專業的營養飲食顧問
+- 專門為台灣銀髮族（65歲以上）提供飲食建議
+- 熟悉台灣在地食材、飲食文化和生活習慣
+
+核心原則：
+1. 嚴格遵循台灣衛福部(MOHW)的營養指導原則和飲食指南
+2. 僅提供營養建議，絕不進行醫療診斷或疾病診斷
+3. 針對銀髮族的特殊營養需求（蛋白質、鈣質、維生素D、纖維等）
+4. 考慮台灣在地飲食文化和可用食材
+5. 語調溫和、耐心，像家中長輩般的關懷
+
+重要限制：
+- 絕不提供醫療診斷或疾病治療建議
+- 涉及健康問題時，建議諮詢專業醫師
+- 不推薦特定品牌或產品
+- 基於科學證據和官方營養指南提供建議
+
+回應風格：
+- 使用繁體中文
+- 語調溫暖親切
+- 提供具體可行的建議
+- 適時提供鼓勵和關懷
+- 考慮使用者的年齡和健康狀況
+
+當使用者詢問營養、飲食、食材選擇、烹調方式等相關問題時，請基於台灣衛福部的營養指導原則回答，並考慮使用者的個人健康狀況（如果有提供的話）。"""
+    
+    async def get_user_context(self, profile_id: Optional[UUID] = None) -> Dict[str, Any]:
+        """
+        Get user context information for personalized responses.
+        
+        Args:
+            profile_id: User profile ID
+            
+        Returns:
+            Dictionary with user context information
+        """
+        context = {
+            "has_profile": False,
+            "age": None,
+            "health_conditions": None,
+            "dietary_restrictions": None
+        }
+        
+        if profile_id:
+            try:
+                # Get database session
+                async with get_db_session() as db:
+                    profile = await get_profile(db, profile_id)
+                    if profile:
+                        context.update({
+                            "has_profile": True,
+                            "age": profile.age,
+                            "health_conditions": profile.health_condition,
+                            "dietary_restrictions": profile.dietary_restrictions,
+                            "display_name": profile.display_name
+                        })
+                        logger.info(f"Retrieved profile context for user {profile_id}")
+                    else:
+                        logger.warning(f"Profile not found for ID: {profile_id}")
+            except Exception as e:
+                logger.error(f"Error retrieving user profile: {str(e)}")
+        
+        return context
+    
+    def format_context_information(self, user_context: Dict[str, Any], relevant_docs: List[Any]) -> str:
+        """
+        Format context information for the AI prompt.
+        
+        Args:
+            user_context: User context dictionary
+            relevant_docs: Relevant documents from RAG
+            
+        Returns:
+            Formatted context string
+        """
+        context_parts = []
+        
+        # Add user context if available
+        if user_context["has_profile"]:
+            context_parts.append("使用者背景資訊：")
+            if user_context.get("display_name"):
+                context_parts.append(f"- 姓名：{user_context['display_name']}")
+            if user_context.get("age"):
+                context_parts.append(f"- 年齡：{user_context['age']}歲")
+            if user_context.get("health_conditions"):
+                context_parts.append(f"- 健康狀況：{user_context['health_conditions']}")
+            if user_context.get("dietary_restrictions"):
+                context_parts.append(f"- 飲食限制：{user_context['dietary_restrictions']}")
+            context_parts.append("")
+        
+        # Add relevant documents
+        if relevant_docs:
+            context_parts.append("相關營養指南資訊：")
+            for i, doc in enumerate(relevant_docs, 1):
+                source = doc.metadata.get("file_name", "未知來源")
+                content = doc.page_content.strip()
+                # Limit content length to avoid token overflow
+                if len(content) > 500:
+                    content = content[:500] + "..."
+                context_parts.append(f"{i}. 來源：{source}")
+                context_parts.append(f"   內容：{content}")
+                context_parts.append("")
+        
+        return "\n".join(context_parts)
+    
+    async def chat_stream(
+        self, 
+        message: str, 
+        profile_id: Optional[str] = None, 
+        history: List[Dict[str, str]] = None
+    ) -> AsyncGenerator[str, None]:
+        """
+        Stream chat response with context and RAG integration.
+        
+        Args:
+            message: User message
+            profile_id: Optional user profile ID for personalization
+            history: Chat history messages
+            
+        Yields:
+            Response content chunks
+        """
+        try:
+            # Convert profile_id to UUID if provided
+            profile_uuid = None
+            if profile_id:
+                try:
+                    profile_uuid = UUID(profile_id)
+                except ValueError:
+                    logger.warning(f"Invalid profile ID format: {profile_id}")
+            
+            # Get user context
+            user_context = await self.get_user_context(profile_uuid)
+            
+            # Get relevant documents from RAG
+            relevant_docs = await self.rag_service.get_relevant_documents(message, k=6)
+            
+            # Format context information
+            context_info = self.format_context_information(user_context, relevant_docs)
+            
+            # Prepare message history
+            messages = []
+            
+            # Add system message with context
+            if context_info:
+                system_content = f"{self.system_prompt}\n\n背景資訊：\n{context_info}"
+            else:
+                system_content = self.system_prompt
+            
+            messages.append(SystemMessage(content=system_content))
+            
+            # Add chat history
+            if history:
+                for msg in history:
+                    if msg["role"] == "user":
+                        messages.append(HumanMessage(content=msg["content"]))
+                    elif msg["role"] == "assistant":
+                        messages.append(AIMessage(content=msg["content"]))
+            
+            # Add current user message
+            messages.append(HumanMessage(content=message))
+            
+            # Stream response from LLM
+            logger.info(f"Generating chat response for message: '{message[:50]}...'")
+            
+            full_response = ""
+            async for chunk in self.llm.astream(messages):
+                if hasattr(chunk, "content") and chunk.content:
+                    full_response += chunk.content
+                    yield chunk.content
+            
+            # Log the interaction with both message and response
+            if full_response:
+                await self._log_conversation(
+                    message=message,
+                    response=full_response,
+                    profile_id=profile_uuid,
+                    user_context=user_context,
+                    relevant_docs_count=len(relevant_docs)
+                )
+            
+        except Exception as e:
+            logger.error(f"Error in chat stream: {str(e)}")
+            yield "抱歉，系統發生了一些問題。請稍後再試。"
+    
+    async def _log_conversation(
+        self, 
+        message: str, 
+        response: str,
+        profile_id: Optional[UUID], 
+        user_context: Dict[str, Any], 
+        relevant_docs_count: int
+    ) -> None:
+        """
+        Log conversation to database for analytics and improvement.
+        
+        Args:
+            message: User message
+            response: AI response
+            profile_id: User profile ID
+            user_context: User context information
+            relevant_docs_count: Number of relevant documents found
+        """
+        try:
+            # Prepare metadata
+            metadata = {
+                "user_context": user_context,
+                "relevant_docs_count": relevant_docs_count,
+                "timestamp": settings.get_current_timestamp()
+            }
+            
+            # Log conversation with both message and response
+            await self._save_conversation(
+                profile_id=profile_id,
+                message=message,
+                response=response,
+                meta_data=metadata
+            )
+            
+        except Exception as e:
+            logger.error(f"Error logging conversation: {str(e)}")
+    
+    async def _save_conversation(
+        self, 
+        profile_id: Optional[UUID], 
+        message: str, 
+        response: Optional[str] = None, 
+        meta_data: Optional[Dict[str, Any]] = None
+    ) -> None:
+        """
+        Save chat conversation to database.
+        
+        Args:
+            profile_id: User profile ID
+            message: User message
+            response: AI response (optional)
+            meta_data: Additional metadata
+        """
+        try:
+            async with get_db_session() as db:
+                conversation = ChatConversation(
+                    profile_id=profile_id,
+                    message=message,
+                    response=response,
+                    meta_data=meta_data or {}
+                )
+                
+                db.add(conversation)
+                await db.commit()
+                
+        except Exception as e:
+            logger.error(f"Error saving conversation to database: {str(e)}")
+    
+    async def get_chat_history(
+        self, 
+        profile_id: Optional[UUID], 
+        session_id: str, 
+        limit: int = 50
+    ) -> List[Dict[str, str]]:
+        """
+        Get chat history for a session.
+        
+        Args:
+            profile_id: User profile ID
+            session_id: Chat session ID
+            limit: Maximum number of messages to return
+            
+        Returns:
+            List of chat messages
+        """
+        try:
+            async with get_db_session() as db:
+                from sqlalchemy import select
+                
+                query = (
+                    select(ChatConversation)
+                    .order_by(ChatConversation.created_at.asc())
+                    .limit(limit)
+                )
+                
+                if profile_id:
+                    query = query.where(ChatConversation.profile_id == profile_id)
+                
+                result = await db.execute(query)
+                conversations = result.scalars().all()
+                
+                # Return user messages and AI responses
+                chat_history = []
+                for conv in conversations:
+                    if conv.message:
+                        chat_history.append({
+                            "role": "user",
+                            "content": conv.message,
+                            "timestamp": conv.created_at.isoformat()
+                        })
+                    if conv.response:
+                        chat_history.append({
+                            "role": "assistant", 
+                            "content": conv.response,
+                            "timestamp": conv.created_at.isoformat()
+                        })
+                
+                return chat_history
+                
+        except Exception as e:
+            logger.error(f"Error getting chat history: {str(e)}")
+            return []
+
+
+# Global chat service instance
+chat_service: Optional[ChatService] = None
+
+
+def get_chat_service() -> ChatService:
+    """
+    Get or create the global chat service instance.
+    
+    Returns:
+        ChatService instance
+    """
+    global chat_service
+    if chat_service is None:
+        chat_service = ChatService()
+    return chat_service
+
+
+# Convenience function for backward compatibility
+async def chat_stream(
+    message: str, 
+    profile_id: Optional[str] = None, 
+    history: List[Dict[str, str]] = None
+) -> AsyncGenerator[str, None]:
+    """Stream chat response."""
+    service = get_chat_service()
+    async for chunk in service.chat_stream(message, profile_id, history):
+        yield chunk
+
+
+if __name__ == "__main__":
+    """
+    Main block for testing chat service functionality.
+    """
+    async def main():
+        """Main function for testing."""
+        print("Testing Chat Service...")
+        
+        try:
+            # Initialize chat service
+            service = get_chat_service()
+            
+            # Test messages
+            test_messages = [
+                "請問銀髮族應該如何補充蛋白質？",
+                "我爸爸有糖尿病，飲食上有什麼需要注意的？",
+                "推薦一些適合銀髮族的早餐選項"
+            ]
+            
+            for i, message in enumerate(test_messages, 1):
+                print(f"\n--- 測試對話 {i} ---")
+                print(f"使用者：{message}")
+                print("助手：", end="", flush=True)
+                
+                # Stream response
+                async for chunk in service.chat_stream(message):
+                    print(chunk, end="", flush=True)
+                
+                print("\n" + "="*50)
+            
+        except Exception as e:
+            print(f"Error: {str(e)}")
+            raise
+    
+    # Run the main function
+    asyncio.run(main())

config.py

@@ -0,0 +1,108 @@
+"""
+Configuration management for Silver Table Assistant.
+Centralized settings with environment variable support.
+"""
+
+import os
+from datetime import datetime
+from typing import List
+
+
+class Settings:
+    """Application settings with environment variable support."""
+    
+    def __init__(self):
+        # Database Configuration
+        self.supabase_url = os.getenv("SUPABASE_URL")
+        self.supabase_service_role_key = os.getenv("SUPABASE_SERVICE_ROLE_KEY")
+        
+        # AI Service Configuration
+        self.openai_api_key = os.getenv("OPENAI_API_KEY")
+        self.openai_base_url = os.getenv("OPENAI_BASE_URL", "https://api.openai.com/v1")
+        
+        # LiteLLM Configuration (alternative to OpenAI)
+        self.litellm_base_url = os.getenv("LITELLM_BASE_URL")
+        self.litellm_api_key = os.getenv("LITELLM_API_KEY")
+        self.litellm_model = os.getenv("LITELLM_MODEL", "azure-gpt-4.1")
+        
+        # Payment Service Configuration
+        self.stripe_secret_key = os.getenv("STRIPE_SECRET_KEY")
+        self.stripe_publishable_key = os.getenv("STRIPE_PUBLISHABLE_KEY")
+        self.stripe_webhook_secret = os.getenv("STRIPE_WEBHOOK_SECRET")
+        self.stripe_default_currency = "twd"  # Taiwan Dollar
+        
+        # Application Configuration
+        self.frontend_url = os.getenv("FRONTEND_URL", "http://localhost:5173")
+        self.api_version = os.getenv("API_VERSION", "1.0.0")
+        self.environment = os.getenv("ENVIRONMENT", "development")
+        
+        # Server Configuration
+        self.host = os.getenv("HOST", "0.0.0.0")
+        self.port = int(os.getenv("PORT", "8000"))
+        
+        # AI Model Configuration (for LiteLLM)
+        self.ai_model_name = os.getenv("AI_MODEL_NAME", "azure-gpt-4.1")
+        self.ai_max_tokens = 2000
+        self.ai_temperature = 0.7
+        
+        # Currency Configuration
+        self.default_currency = "twd"
+        self.currency_symbol = "NT$"
+        self.min_order_amount = 1000  # cents (NT$10)
+        self.max_order_amount = 1000000  # cents (NT$10,000)
+        self.min_donation_amount = 50  # NT$50 minimum for Stripe
+        # Backwards-compatible uppercase constant
+        self.MIN_DONATION_AMOUNT = self.min_donation_amount
+        
+        # Security Configuration
+        self.jwt_secret_key = os.getenv("JWT_SECRET_KEY", "your-secret-key-here")
+        self.access_token_expire_minutes = 30
+        
+        # CORS Configuration
+        self.cors_origins = self._parse_cors_origins()
+        
+        # Validation
+        self._validate_required_settings()
+    
+    def _parse_cors_origins(self) -> List[str]:
+        """Parse CORS origins from environment variable."""
+        origins_str = os.getenv("CORS_ORIGINS", "http://localhost:3000,http://localhost:5173")
+        return [origin.strip() for origin in origins_str.split(",")]
+    
+    def _validate_required_settings(self):
+        """Validate required environment variables."""
+        required_vars = [
+            "SUPABASE_URL",
+            "SUPABASE_SERVICE_ROLE_KEY",
+            "OPENAI_API_KEY",
+            "STRIPE_SECRET_KEY",
+            "STRIPE_WEBHOOK_SECRET"
+        ]
+        
+        missing_vars = []
+        for var in required_vars:
+            if not os.getenv(var):
+                missing_vars.append(var)
+        
+        if missing_vars:
+            raise ValueError(f"Missing required environment variables: {', '.join(missing_vars)}")
+    
+    def get_current_timestamp(self) -> str:
+        """Get current timestamp in ISO format."""
+        return datetime.utcnow().isoformat() + "Z"
+    
+    def is_development(self) -> bool:
+        """Check if running in development mode."""
+        return self.environment.lower() == "development"
+    
+    def is_production(self) -> bool:
+        """Check if running in production mode."""
+        return self.environment.lower() == "production"
+    
+    def format_currency(self, amount_cents: int) -> str:
+        """Format amount in cents to currency string."""
+        return f"{self.currency_symbol}{amount_cents / 100:.2f}"
+
+
+# Global settings instance
+settings = Settings()

crud.py

@@ -0,0 +1,453 @@
+"""
+CRUD operations for Silver Table Assistant backend.
+Provides async database operations for profiles, orders, and donations.
+"""
+
+from typing import List, Optional, Dict, Any
+from datetime import datetime, timedelta
+from uuid import UUID, uuid4
+
+from sqlalchemy.ext.asyncio import AsyncSession
+from sqlalchemy import select, func
+from sqlmodel import col
+
+from models import Profile, Order, Donation, MenuItem
+from schemas import (
+    ProfileCreate, ProfileUpdate, ProfileRead,
+    OrderCreate, OrderUpdate, OrderRead,
+    DonationCreate, DonationUpdate, DonationRead
+)
+
+
+# ========== Profile CRUD Operations ==========
+
+async def get_profile(db: AsyncSession, profile_id: UUID) -> Optional[Profile]:
+    """
+    Get a profile by ID.
+    
+    Args:
+        db: Database session
+        profile_id: Profile ID
+        
+    Returns:
+        Profile object or None if not found
+    """
+    result = await db.get(Profile, profile_id)
+    return result
+
+
+async def get_profiles_by_user(db: AsyncSession, user_id: UUID) -> List[Profile]:
+    """
+    Get all profiles for a specific user.
+    
+    Args:
+        db: Database session
+        user_id: Supabase Auth user ID
+        
+    Returns:
+        List of Profile objects
+    """
+    query = select(Profile).where(Profile.user_id == user_id)
+    result = await db.execute(query)
+    return result.scalars().all()
+
+
+async def create_profile(db: AsyncSession, profile_data: ProfileCreate, user_id: UUID) -> Profile:
+    """
+    Create a new profile.
+    
+    Args:
+        db: Database session
+        profile_data: Profile creation data
+        user_id: Supabase Auth user ID
+        
+    Returns:
+        Created Profile object
+    """
+    profile_dict = profile_data.dict()
+    profile_dict["user_id"] = user_id
+    profile_dict["id"] = uuid4()  # Manually generate UUID for primary key
+    
+    profile = Profile(**profile_dict)
+    db.add(profile)
+    await db.commit()
+    await db.refresh(profile)
+    
+    return profile
+
+
+async def update_profile(db: AsyncSession, profile_id: UUID, profile_data: ProfileUpdate) -> Optional[Profile]:
+    """
+    Update an existing profile.
+    
+    Args:
+        db: Database session
+        profile_id: Profile ID
+        profile_data: Profile update data
+        
+    Returns:
+        Updated Profile object or None if not found
+    """
+    profile = await db.get(Profile, profile_id)
+    if not profile:
+        return None
+    
+    # Update fields that are not None
+    update_data = profile_data.dict(exclude_unset=True)
+    for field, value in update_data.items():
+        setattr(profile, field, value)
+    
+    profile.updated_at = datetime.utcnow()
+    
+    await db.commit()
+    await db.refresh(profile)
+    
+    return profile
+
+
+async def delete_profile(db: AsyncSession, profile_id: UUID) -> bool:
+    """
+    Delete a profile by ID.
+    
+    Args:
+        db: Database session
+        profile_id: Profile ID
+        
+    Returns:
+        True if deleted successfully, False if not found
+    """
+    profile = await db.get(Profile, profile_id)
+    if not profile:
+        return False
+    
+    await db.delete(profile)
+    await db.commit()
+    
+    return True
+
+
+# ========== Order CRUD Operations ==========
+
+async def create_order(db: AsyncSession, order_data: OrderCreate, profile_id: UUID) -> Order:
+    """
+    Create a new order.
+    
+    Args:
+        db: Database session
+        order_data: Order creation data
+        profile_id: Profile ID making the order
+        
+    Returns:
+        Created Order object
+    """
+    order_dict = order_data.dict()
+    order_dict["profile_id"] = profile_id
+    
+    # Convert OrderItem objects to dict for storage
+    if "items" in order_dict:
+        # Handle both Pydantic models and already-converted dicts
+        order_dict["items"] = [
+            item.dict() if hasattr(item, 'dict') else item 
+            for item in order_dict["items"]
+        ]
+    
+    order = Order(**order_dict)
+    db.add(order)
+    await db.commit()
+    await db.refresh(order)
+    
+    return order
+
+
+async def update_order_status(
+    db: AsyncSession, 
+    order_id: UUID, 
+    status: str, 
+    stripe_session_id: Optional[str] = None
+) -> Optional[Order]:
+    """
+    Update order status and optionally Stripe session ID.
+    
+    Args:
+        db: Database session
+        order_id: Order ID
+        status: New order status
+        stripe_session_id: Optional Stripe session ID
+        
+    Returns:
+        Updated Order object or None if not found
+    """
+    order = await db.get(Order, order_id)
+    if not order:
+        return None
+    
+    order.status = status
+    if stripe_session_id:
+        order.stripe_session_id = stripe_session_id
+    
+    await db.commit()
+    await db.refresh(order)
+    
+    return order
+
+
+async def get_order_by_stripe_session(db: AsyncSession, stripe_session_id: str) -> Optional[Order]:
+    """
+    Get order by Stripe session ID.
+    
+    Args:
+        db: Database session
+        stripe_session_id: Stripe session ID
+        
+    Returns:
+        Order object or None if not found
+    """
+    query = select(Order).where(Order.stripe_session_id == stripe_session_id)
+    result = await db.execute(query)
+    return result.scalar_one_or_none()
+
+
+async def get_orders_by_profile(db: AsyncSession, profile_id: UUID, limit: int = 10) -> List[Order]:
+    """
+    Get orders for a specific profile.
+    
+    Args:
+        db: Database session
+        profile_id: Profile ID
+        limit: Maximum number of orders to return
+        
+    Returns:
+        List of Order objects
+    """
+    query = (
+        select(Order)
+        .where(Order.profile_id == profile_id)
+        .order_by(col(Order.created_at).desc())
+        .limit(limit)
+    )
+    result = await db.execute(query)
+    return result.scalars().all()
+
+
+# ========== Donation CRUD Operations ==========
+
+async def create_donation(db: AsyncSession, donation_data: DonationCreate) -> Donation:
+    """
+    Create a new donation.
+    
+    Args:
+        db: Database session
+        donation_data: Donation creation data
+        
+    Returns:
+        Created Donation object
+    """
+    donation_dict = donation_data.dict()
+    donation = Donation(**donation_dict)
+    db.add(donation)
+    await db.commit()
+    await db.refresh(donation)
+    
+    return donation
+
+
+async def update_donation_status(
+    db: AsyncSession, 
+    donation_id: UUID, 
+    status: str, 
+    stripe_session_id: Optional[str] = None
+) -> Optional[Donation]:
+    """
+    Update donation status and optionally Stripe session ID.
+    
+    Args:
+        db: Database session
+        donation_id: Donation ID
+        status: New donation status
+        stripe_session_id: Optional Stripe session ID
+        
+    Returns:
+        Updated Donation object or None if not found
+    """
+    donation = await db.get(Donation, donation_id)
+    if not donation:
+        return None
+    
+    donation.status = status
+    if stripe_session_id:
+        donation.stripe_session_id = stripe_session_id
+    
+    await db.commit()
+    await db.refresh(donation)
+    
+    return donation
+
+
+async def get_donation_by_stripe_session(db: AsyncSession, stripe_session_id: str) -> Optional[Donation]:
+    """
+    Get donation by Stripe session ID.
+    
+    Args:
+        db: Database session
+        stripe_session_id: Stripe session ID
+        
+    Returns:
+        Donation object or None if not found
+    """
+    query = select(Donation).where(Donation.stripe_session_id == stripe_session_id)
+    result = await db.execute(query)
+    return result.scalar_one_or_none()
+
+
+# ========== Dashboard Statistics ==========
+
+async def get_dashboard_stats(db: AsyncSession, profile_id: UUID) -> Dict[str, Any]:
+    """
+    Get dashboard stats for a specific profile in the format expected by the frontend.
+    """
+    # 1. Weekly Heatmap (Last 7 days)
+    weekly_heatmap = []
+    today = datetime.utcnow().date()
+    for i in range(6, -1, -1):
+        target_date = today - timedelta(days=i)
+        start_time = datetime.combine(target_date, datetime.min.time())
+        end_time = datetime.combine(target_date, datetime.max.time())
+        
+        query = (
+            select(func.count(Order.id))
+            .where(
+                Order.profile_id == profile_id,
+                # Order.status == "completed", # For demo, count all or pending
+                Order.created_at >= start_time,
+                Order.created_at <= end_time
+            )
+        )
+        result = await db.execute(query)
+        count = result.scalar() or 0
+        weekly_heatmap.append({
+            "date": target_date.isoformat(),
+            "count": count
+        })
+
+    # 2. Nutrition Stats (Dummy/Estimated for now)
+    # Target values based on common silver nutrition guidelines
+    nutrition_stats = [
+        {"category": "蛋白質", "percentage": 85},
+        {"category": "維生素", "percentage": 72},
+        {"category": "礦物質", "percentage": 68},
+        {"category": "纖維質", "percentage": 90},
+        {"category": "水分", "percentage": 78},
+        {"category": "熱量", "percentage": 82},
+    ]
+
+    return {
+        "weekly_heatmap": weekly_heatmap,
+        "nutrition_stats": nutrition_stats
+    }
+
+
+# ========== Menu Item Operations ==========
+
+async def get_menu_items(db: AsyncSession, limit: Optional[int] = None, category: Optional[str] = None) -> List[MenuItem]:
+    """
+    Get menu items with optional filtering.
+    
+    Args:
+        db: Database session
+        limit: Maximum number of items to return
+        category: Filter by category
+        
+    Returns:
+        List of MenuItem objects
+    """
+    query = select(MenuItem).where(MenuItem.available == True)
+    
+    if category:
+        query = query.where(MenuItem.category == category)
+    
+    query = query.order_by(col(MenuItem.created_at).desc())
+    
+    if limit:
+        query = query.limit(limit)
+    
+    result = await db.execute(query)
+    return result.scalars().all()
+
+
+async def get_menu_item(db: AsyncSession, item_id: int) -> Optional[MenuItem]:
+    """
+    Get a specific menu item by ID.
+    
+    Args:
+        db: Database session
+        item_id: Menu item ID
+        
+    Returns:
+        MenuItem object or None if not found
+    """
+    result = await db.execute(select(MenuItem).where(MenuItem.id == item_id))
+    return result.scalar_one_or_none()
+
+
+# ========== Analytics and Reporting ==========
+
+async def get_user_order_history(db: AsyncSession, profile_id: UUID, days: int = 30) -> List[Order]:
+    """
+    Get order history for a user within a specified time period.
+    
+    Args:
+        db: Database session
+        profile_id: Profile ID
+        days: Number of days to look back
+        
+    Returns:
+        List of Order objects
+    """
+    start_date = datetime.utcnow() - timedelta(days=days)
+    
+    query = (
+        select(Order)
+        .where(
+            Order.profile_id == profile_id,
+            Order.created_at >= start_date
+        )
+        .order_by(col(Order.created_at).desc())
+    )
+    
+    result = await db.execute(query)
+    return result.scalars().all()
+
+
+async def get_popular_menu_items(db: AsyncSession, limit: int = 10) -> List[Dict[str, Any]]:
+    """
+    Get most popular menu items based on order frequency.
+    
+    Args:
+        db: Database session
+        limit: Maximum number of items to return
+        
+    Returns:
+        List of dictionaries with menu item info and order counts
+    """
+    # This is a simplified implementation
+    # In a real app, you'd need to analyze order.items JSON data
+    # For now, return available menu items ordered by creation date
+    query = (
+        select(MenuItem)
+        .where(MenuItem.available == True)
+        .order_by(col(MenuItem.created_at).desc())
+        .limit(limit)
+    )
+    
+    result = await db.execute(query)
+    menu_items = result.scalars().all()
+    
+    # Convert to dict format with placeholder order counts
+    return [
+        {
+            "menu_item": item,
+            "order_count": 0,  # Would need complex query to calculate
+            "total_revenue": 0  # Would need complex query to calculate
+        }
+        for item in menu_items
+    ]

data/慢性病飲食原則.md

@@ -0,0 +1,57 @@
+糖尿病飲食原則
+
+1.定時定量，忌暴飲暴食。
+2.維持理想體重，忌肥胖。
+3.均衡攝取各類食物，並依個人需求控制飲食份量。
+4.儘量選擇高纖維食物，三餐以全穀類或雜糧飯代替白米飯，再搭配蔬菜類(如：葉菜類、菇類、竹筍、絲瓜、胡瓜、莢豆類、海帶等)。
+5.烹調遵守少油、少鹽、少糖的原則，烹調採用清蒸、水煮、涼拌、燒、烤、 燉、滷等方式較佳。
+6.減少油炸、油煎、油酥以及豬皮、雞皮、鴨皮、魚皮等食物之攝取。
+7.炒菜多選用單元不飽和脂肪酸含量高油脂如橄欖油、菜籽油等。
+8.若血液膽固醇濃度過高，需減少飽和脂肪酸攝取(如:肥肉、動物油、動物皮、全脂奶、椰子油)，並依個人需求控制飲食中肉品的份量
+9.避免攝取精緻的甜食、含有蔗糖或果糖的飲料、各式糖果或餅乾、水果罐頭等加糖製品，嗜甜食者可使用代糖。
+10.儘量避免喝酒，若應酬需飲酒時，要限量飲用，並應避免空腹喝酒。
+11.注射胰島素或口服降血糖藥物後，若延緩用餐時，需事先進食少許點心，如：一份吐司（25g）或ㄧ杯鮮奶（240ml），並隨身攜帶糖果以防低血糖發生。
+12.ㄧ旦有低血糖症狀，如：飢餓、發抖、冒冷汗、心跳加快、無力、頭暈、嘴唇麻等，應立即進食含10~15公克容易吸收之糖份的食品，例如：含糖飲料(120~150ml)或3-4顆方糖或一匙蜂蜜。
+13.從事額外的運動之前，須先吃些點心。若從事劇烈的運動，每半小時吃含15公克醣類的食物，例如：ㄧ片吐司(25g)或一份水果。
+14.與營養師共同協商，訂定飲食計畫。
+高血壓飲食原則
+1.均衡飲食。
+2.控制體重：體重過重者利用飲食、運動使體重下降有利體重控制。
+3.低油飲食：
+
+避免肥肉、豬（雞）皮及油酥糕點攝取
+多用蒸、煮、烤、滷、涼拌等烹調方式以減少油脂攝入。
+4.減少鈉攝取：
+少用鹽、醬油、味精、烏醋等含鈉調味料
+加工食品含鈉量高，例如：麵線、油麵、蘇打餅乾、乳酪、加工肉類（香腸、火腿）、雞精、蜜餞、運動飲料、碳酸飲料、花生醬、罐頭食品等，應儘量少用。
+多選用新鮮食材，自行烹調。
+5.飲食中的鉀離子有對抗高血壓的保護作用，新鮮蔬果多為高鉀食物，增加攝取可幫助血壓控制。
+6.飲食中的鈣離子及鎂離子對於高血壓也有幫助，含鈣離子較多的食物有低脂奶類及製品、小魚干、豆乾、豆腐、深綠色蔬菜、海菜類，含鎂離子較多的食物有海藻、髮菜、海鮮、堅果類、全穀類、綠色蔬菜。
+7.多攝取纖維可使排便順暢，避免因用力解便而使血壓上升。
+8.烹調用油少用動物性油脂(豬油、牛油等)，以植物油烹調。
+9.適當調整生活型態，如:戒菸酒、少用刺激性食物、規律運動以及壓力調適。
+高脂血症飲食
+高膽固醇血症飲食原則：
+
+1.維持理想體重，避免肥胖。
+2.控制油脂攝取量，減少油炸、油煎，盡量採用清蒸、水煮、涼拌、燒、烤、燉、滷等方式較佳。
+3.少吃含有飽和脂肪酸的食物：
+少吃豬油、奶油、牛油、椰子油
+不要吃雞皮、豬皮、鴨皮、焢肉、三層肉、梅花肉
+多選白肉少吃紅肉
+4.炒菜多選用單元不飽和脂肪酸含量高的油脂(如:橄欖油、芥花油等)，並避免高溫烹調。
+5.少吃含有反式脂肪酸的食物：
+少吃酥油、白油、乳瑪琳等。
+各式甜鹹麵包、油酥糕餅、蛋糕。
+各式甜鹹餅乾。
+6.多選用富含高纖維的食物，如：全穀雜糧類、未加工的豆類、蔬菜、水果等。
+7.適當調整生活型態，如戒菸酒、規律運動以及壓力調適。
+
+高三酸甘油酯飲食原則：
+1.控制體重可明顯降低血液中三酸甘油酯濃度。
+2.多採用複合式醣類食物，如：全穀根莖類；並避免攝取精緻的甜食、含有蔗糖或果糖的飲料、各式糖果或餅乾、水果罐頭等加糖製品。
+3.可多攝取富含ω-3脂肪酸的魚類，如：秋刀魚、鮭魚、鯖魚、鰻魚、白鯧魚、牡蠣等。
+4.不宜飲酒。
+5.控制油脂攝取量，減少油炸、油煎、油酥以及豬皮、雞皮、鴨皮、魚皮等食物之攝取，盡量採用清蒸、水煮、涼拌、燒、烤、燉、滷等方式較佳。
+6.炒菜多選用單元不飽和脂肪酸含量高的油脂如橄欖油、芥花油等，並避免高溫烹調。
+ 資料維護人：羅東聖母醫院 

database.py

@@ -0,0 +1,91 @@
+"""
+Database configuration and session management for Silver Table Assistant backend.
+Uses SQLModel with AsyncEngine for Supabase PostgreSQL with pgvector support.
+"""
+
+import os
+from typing import AsyncGenerator
+
+from sqlalchemy.ext.asyncio import AsyncEngine, AsyncSession, create_async_engine
+from sqlalchemy.orm import sessionmaker
+from sqlmodel import SQLModel
+
+# Environment variables
+SUPABASE_URL = os.getenv("SUPABASE_URL")
+SUPABASE_SERVICE_ROLE_KEY = os.getenv("SUPABASE_SERVICE_ROLE_KEY")
+DATABASE_URL = os.getenv("DATABASE_URL")
+
+# Validate required environment variables
+if not SUPABASE_URL:
+    raise ValueError("SUPABASE_URL environment variable is required")
+if not SUPABASE_SERVICE_ROLE_KEY:
+    raise ValueError("SUPABASE_SERVICE_ROLE_KEY environment variable is required")
+
+# Construct database URL for async Supabase connection
+# Using service role key for server-side operations
+if DATABASE_URL:
+    # Use provided DATABASE_URL if available
+    ASYNC_DATABASE_URL = DATABASE_URL.replace("postgresql://", "postgresql+asyncpg://")
+else:
+    # Construct from Supabase URL
+    # Format: postgresql+asyncpg://postgres:[password]@db.[project-ref].supabase.co:5432/postgres
+    base_url = SUPABASE_URL.replace("https://", "").replace("http://", "")
+    project_ref = base_url.split(".")[0]
+    ASYNC_DATABASE_URL = f"postgresql+asyncpg://postgres:{SUPABASE_SERVICE_ROLE_KEY}@db.{project_ref}.supabase.co:5432/postgres"
+
+from sqlalchemy.pool import NullPool
+
+# Create async engine with pgvector support
+# Using NullPool because we are connecting through PGBouncer in transaction mode (port 6543)
+engine: AsyncEngine = create_async_engine(
+    ASYNC_DATABASE_URL,
+    echo=False,  # Set to True for SQL query logging
+    poolclass=NullPool,
+    # Additional settings for Supabase/PGBouncer
+    connect_args={
+        "statement_cache_size": 0,  # Disable prepared statement cache for PGBouncer
+        "server_settings": {
+            "jit": "off",  # Disable JIT for pgvector compatibility
+        }
+    },
+)
+
+# Create session factory
+SessionLocal = sessionmaker(
+    bind=engine,
+    class_=AsyncSession,
+    expire_on_commit=False,
+    autocommit=False,
+    autoflush=False,
+)
+
+
+async def create_db_and_tables() -> None:
+    """Create database tables if they don't exist."""
+    async with engine.begin() as conn:
+        await conn.run_sync(SQLModel.metadata.create_all)
+
+
+async def get_session() -> AsyncGenerator[AsyncSession, None]:
+    """
+    Dependency function to get database session.
+    Should be used with FastAPI's Depends() decorator.
+    """
+    async with SessionLocal() as session:
+        try:
+            yield session
+        finally:
+            await session.close()
+
+
+def get_db_session() -> AsyncSession:
+    """
+    Get a database session for use in functions.
+    Remember to close the session after use.
+    """
+    return SessionLocal()
+
+
+async def close_db_connections() -> None:
+    """Close all database connections."""
+    await engine.dispose()

dependencies.py

@@ -0,0 +1,335 @@
+"""
+Authentication and authorization dependencies for Silver Table Assistant.
+Provides JWT verification and user role management using Supabase Auth.
+"""
+
+import os
+import jwt
+from typing import Optional, Dict, Any, Callable
+from fastapi import Depends, HTTPException, status, Request
+from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
+from supabase import create_client, Client
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from database import get_session
+from models import Profile
+
+
+# Initialize Supabase client
+SUPABASE_URL = os.getenv("SUPABASE_URL")
+SUPABASE_SERVICE_ROLE_KEY = os.getenv("SUPABASE_SERVICE_ROLE_KEY")
+
+if not SUPABASE_URL or not SUPABASE_SERVICE_ROLE_KEY:
+    raise ValueError("SUPABASE_URL and SUPABASE_SERVICE_ROLE_KEY environment variables are required")
+
+supabase: Client = create_client(SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY)
+
+# Security scheme
+security = HTTPBearer()
+
+
+class AuthenticationError(HTTPException):
+    """Custom exception for authentication failures."""
+    
+    def __init__(self, detail: str = "Could not validate credentials"):
+        super().__init__(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail=detail,
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+
+
+class AuthorizationError(HTTPException):
+    """Custom exception for authorization failures."""
+    
+    def __init__(self, detail: str = "Not enough permissions"):
+        super().__init__(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail=detail,
+        )
+
+
+class User:
+    """User class representing an authenticated user."""
+    
+    def __init__(
+        self,
+        user_id: str,
+        email: Optional[str] = None,
+        role: Optional[str] = None,
+        metadata: Optional[Dict[str, Any]] = None,
+        raw_user: Optional[Dict[str, Any]] = None
+    ):
+        self.user_id = user_id
+        self.email = email
+        self.role = role or "family" # Default to family
+        self.metadata = metadata or {}
+        self.raw_user = raw_user or {}
+
+
+async def verify_jwt_token(token: str) -> Dict[str, Any]:
+    """
+    Verify JWT token using Supabase Auth.
+    
+    Args:
+        token: JWT token to verify
+        
+    Returns:
+        Decoded user information
+        
+    Raises:
+        AuthenticationError: If token is invalid
+    """
+    try:
+        # Verify the token with Supabase
+        response = supabase.auth.get_user(token)
+        
+        if response.user is None:
+            raise AuthenticationError("Invalid token")
+            
+        return {
+            "user_id": response.user.id,
+            "email": response.user.email,
+            "role": response.user.user_metadata.get("role", "user"),
+            "metadata": response.user.user_metadata,
+            "raw_user": response.user.__dict__
+        }
+    except Exception as e:
+        raise AuthenticationError(f"Token verification failed: {str(e)}")
+
+
+async def get_current_user(
+    credentials: HTTPAuthorizationCredentials = Depends(security)
+) -> User:
+    """
+    Get current authenticated user from JWT token.
+    
+    Args:
+        credentials: HTTP authorization credentials
+        
+    Returns:
+        User object with authentication information
+        
+    Raises:
+        AuthenticationError: If authentication fails
+    """
+    if not credentials:
+        raise AuthenticationError("No credentials provided")
+        
+    try:
+        # Extract token from Bearer scheme
+        token = credentials.credentials
+        
+        # Verify token and get user info
+        user_data = await verify_jwt_token(token)
+        
+        return User(
+            user_id=user_data["user_id"],
+            email=user_data["email"],
+            role=user_data["role"],
+            metadata=user_data["metadata"],
+            raw_user=user_data["raw_user"]
+        )
+    except AuthenticationError:
+        raise
+    except Exception as e:
+        raise AuthenticationError(f"Authentication failed: {str(e)}")
+
+
+async def get_optional_user(
+    request: Request
+) -> Optional[User]:
+    """
+    Get current user if authenticated, otherwise return None.
+    
+    Args:
+        request: FastAPI request object
+        
+    Returns:
+        User object or None
+    """
+    try:
+        # Extract token from Authorization header if present
+        auth_header = request.headers.get("Authorization")
+        if not auth_header or not auth_header.startswith("Bearer "):
+            return None
+            
+        token = auth_header.split(" ", 1)[1]
+        credentials = HTTPAuthorizationCredentials(scheme="Bearer", credentials=token)
+        
+        return await get_current_user(credentials)
+    except AuthenticationError:
+        return None
+    except Exception:
+        return None
+
+
+def require_role(required_role: str) -> Callable:
+    """
+    Dependency factory to require specific user role.
+    
+    Args:
+        required_role: Required user role
+        
+    Returns:
+        Dependency function
+    """
+    async def role_checker(user: User = Depends(get_current_user)) -> User:
+        if user.role != required_role and user.role != "admin":
+            raise AuthorizationError(
+                f"Required role: {required_role}, your role: {user.role}"
+            )
+        return user
+    return role_checker
+
+
+def require_roles(allowed_roles: list[str]) -> Callable:
+    """
+    Dependency factory to require one of multiple user roles.
+    
+    Args:
+        allowed_roles: List of allowed user roles
+        
+    Returns:
+        Dependency function
+    """
+    async def roles_checker(user: User = Depends(get_current_user)) -> User:
+        if user.role not in allowed_roles and user.role != "admin":
+            raise AuthorizationError(
+                f"Required roles: {allowed_roles}, your role: {user.role}"
+            )
+        return user
+    return roles_checker
+
+
+async def get_user_profile(
+    user: User = Depends(get_current_user),
+    db: AsyncSession = Depends(get_session)
+) -> Optional[Profile]:
+    """
+    Get user's first profile from database (legacy/helper).
+    """
+    try:
+        from sqlmodel import select
+        from uuid import UUID
+        user_id_uuid = UUID(user.user_id)
+        result = await db.execute(
+            select(Profile).where(Profile.user_id == user_id_uuid)
+        )
+        profile = result.scalars().first()
+        return profile
+    except Exception as e:
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Failed to fetch user profile: {str(e)}"
+        )
+
+
+async def get_or_create_user_profile(
+    user: User = Depends(get_current_user),
+    db: AsyncSession = Depends(get_session)
+) -> Profile:
+    """
+    Get existing user profile or create a generic one.
+    """
+    profile = await get_user_profile(user, db)
+    
+    if profile is None:
+        from models import Profile
+        from uuid import UUID, uuid4
+        
+        user_id_uuid = UUID(user.user_id)
+        
+        # Create new profile with default values matching new schema
+        profile = Profile(
+            id=uuid4(),
+            user_id=user_id_uuid,
+            name=user.email.split('@')[0] if user.email else "User",
+            age=70,
+            gender="male",
+            height=165.0,
+            weight=60.0,
+            chronic_diseases=[],
+            dietary_restrictions=[],
+            chewing_ability="normal"
+        )
+        
+        db.add(profile)
+        await db.commit()
+        await db.refresh(profile)
+    
+    return profile
+
+
+def get_user_metadata(user: User = Depends(get_current_user)) -> Dict[str, Any]:
+    """
+    Get user metadata for use in AI prompts and recommendations.
+    
+    Args:
+        user: Authenticated user
+        
+    Returns:
+        User metadata dictionary
+    """
+    return {
+        "user_id": user.user_id,
+        "email": user.email,
+        "role": user.role,
+        **user.metadata
+    }
+
+
+def get_admin_user(
+    admin_only: User = Depends(require_role("admin"))
+) -> User:
+    """
+    Dependency for admin-only endpoints.
+    
+    Args:
+        admin_only: User with admin role
+        
+    Returns:
+        Admin user
+    """
+    return admin_only
+
+
+# Utility functions for role-based access control
+
+def is_admin(user: User) -> bool:
+    """Check if user is an admin."""
+    return user.role == "admin"
+
+
+def is_staff(user: User) -> bool:
+    """Check if user is staff or admin."""
+    return user.role in ["staff", "admin"]
+
+
+def can_access_health_data(user: User) -> bool:
+    """Check if user can access health-related data."""
+    return user.role in ["admin", "staff", "user"]
+
+
+def can_manage_orders(user: User) -> bool:
+    """Check if user can manage orders."""
+    return user.role in ["admin", "staff"]
+
+
+def can_view_analytics(user: User) -> bool:
+    """Check if user can view analytics."""
+    return user.role == "admin"
+
+
+# CORS and security utilities
+
+def get_allowed_origins() -> list[str]:
+    """Get allowed CORS origins from environment."""
+    from config import settings
+    return settings.cors_origins
+
+
+def get_api_version() -> str:
+    """Get API version from environment or default."""
+    from config import settings
+    return settings.api_version

exceptions.py

@@ -0,0 +1,237 @@
+"""
+Custom exceptions and error handling for Silver Table Assistant.
+Provides structured error handling and logging.
+"""
+
+import logging
+from typing import Any, Dict, Optional
+from fastapi import HTTPException, status
+from sqlalchemy.exc import SQLAlchemyError, IntegrityError
+try:
+    from stripe import StripeError, CardError, AuthenticationError, InvalidRequestError
+except ImportError:
+    # Fallback for different stripe versions or if not installed
+    class StripeError(Exception): pass
+    class CardError(StripeError): pass
+    class AuthenticationError(StripeError): pass
+    class InvalidRequestError(StripeError): pass
+
+
+# Configure logging
+logger = logging.getLogger(__name__)
+
+
+class SilverTableException(Exception):
+    """Base exception for Silver Table Assistant."""
+    
+    def __init__(self, message: str, details: Optional[Dict[str, Any]] = None):
+        self.message = message
+        self.details = details or {}
+        super().__init__(self.message)
+    
+    def to_dict(self) -> Dict[str, Any]:
+        """Convert exception to dictionary for logging/response."""
+        return {
+            "error": self.__class__.__name__,
+            "message": self.message,
+            "details": self.details
+        }
+
+
+class DatabaseException(SilverTableException):
+    """Database-related errors."""
+    pass
+
+
+class PaymentException(SilverTableException):
+    """Payment/Stripe-related errors."""
+    pass
+
+
+class AuthenticationException(SilverTableException):
+    """Authentication-related errors."""
+    pass
+
+
+class ValidationException(SilverTableException):
+    """Data validation errors."""
+    pass
+
+
+class ExternalServiceException(SilverTableException):
+    """External service (OpenAI, etc.) errors."""
+    pass
+
+
+def handle_database_error(error: Exception, operation: str) -> DatabaseException:
+    """Handle database errors with appropriate logging."""
+    
+    if isinstance(error, IntegrityError):
+        message = f"Database integrity error during {operation}"
+        logger.error(f"{message}: {str(error)}", extra={"error_type": "integrity_error"})
+    elif isinstance(error, SQLAlchemyError):
+        message = f"Database operation failed during {operation}"
+        logger.error(f"{message}: {str(error)}", extra={"error_type": "sqlalchemy_error"})
+    else:
+        message = f"Unexpected database error during {operation}"
+        logger.error(f"{message}: {str(error)}", extra={"error_type": "unknown_db_error"})
+    
+    return DatabaseException(message, {"operation": operation, "original_error": str(error)})
+
+
+def handle_payment_error(error: Exception, operation: str) -> PaymentException:
+    """Handle Stripe payment errors with appropriate logging."""
+    
+    if isinstance(error, CardError):
+        message = f"Payment card error during {operation}: {error.user_message}"
+        logger.warning(f"{message}: {str(error)}", extra={"error_type": "card_error"})
+    elif isinstance(error, AuthenticationError):
+        message = f"Payment authentication error during {operation}"
+        logger.error(f"{message}: {str(error)}", extra={"error_type": "auth_error"})
+    elif isinstance(error, InvalidRequestError):
+        message = f"Invalid payment request during {operation}: {str(error)}"
+        logger.warning(f"{message}: {str(error)}", extra={"error_type": "invalid_request"})
+    elif isinstance(error, StripeError):
+        message = f"Stripe error during {operation}: {str(error)}"
+        logger.error(f"{message}: {str(error)}", extra={"error_type": "stripe_error"})
+    else:
+        message = f"Unexpected payment error during {operation}"
+        logger.error(f"{message}: {str(error)}", extra={"error_type": "unknown_payment_error"})
+    
+    return PaymentException(message, {"operation": operation, "original_error": str(error)})
+
+
+def handle_external_service_error(error: Exception, service: str, operation: str) -> ExternalServiceException:
+    """Handle external service errors (OpenAI, etc.)."""
+    
+    message = f"{service} service error during {operation}: {str(error)}"
+    logger.error(message, extra={"error_type": "external_service_error", "service": service})
+    
+    return ExternalServiceException(
+        message, 
+        {"service": service, "operation": operation, "original_error": str(error)}
+    )
+
+
+def handle_authentication_error(error: Exception, operation: str) -> AuthenticationException:
+    """Handle authentication errors."""
+    
+    message = f"Authentication error during {operation}: {str(error)}"
+    logger.warning(message, extra={"error_type": "auth_error"})
+    
+    return AuthenticationException(message, {"operation": operation, "original_error": str(error)})
+
+
+def handle_validation_error(error: Exception, field: str, operation: str) -> ValidationException:
+    """Handle validation errors."""
+    
+    message = f"Validation error in {field} during {operation}: {str(error)}"
+    logger.warning(message, extra={"error_type": "validation_error", "field": field})
+    
+    return ValidationException(
+        message, 
+        {"field": field, "operation": operation, "original_error": str(error)}
+    )
+
+
+def http_exception_from_custom(exception: SilverTableException, status_code: int = status.HTTP_500_INTERNAL_SERVER_ERROR) -> HTTPException:
+    """Convert custom exception to FastAPI HTTPException."""
+    
+    return HTTPException(
+        status_code=status_code,
+        detail={
+            "error": exception.__class__.__name__,
+            "message": exception.message,
+            "details": exception.details
+        }
+    )
+
+
+def log_and_handle_error(
+    error: Exception, 
+    context: str, 
+    operation: str,
+    reraise: bool = True
+) -> Optional[SilverTableException]:
+    """
+    Centralized error handling with logging.
+    
+    Args:
+        error: The exception that occurred
+        context: Context where the error occurred
+        operation: Operation being performed
+        reraise: Whether to reraise as custom exception
+        
+    Returns:
+        Custom exception if not reraising, None otherwise
+    """
+    
+    try:
+        if isinstance(error, (SQLAlchemyError, IntegrityError)):
+            custom_exception = handle_database_error(error, operation)
+        elif isinstance(error, StripeError):
+            custom_exception = handle_payment_error(error, operation)
+        elif isinstance(error, (AuthenticationError,)):
+            custom_exception = handle_authentication_error(error, operation)
+        else:
+            # Generic error handling
+            message = f"Unexpected error during {operation} in {context}: {str(error)}"
+            logger.error(message, extra={"error_type": "unexpected_error", "context": context})
+            custom_exception = SilverTableException(
+                message, 
+                {"context": context, "operation": operation, "original_error": str(error)}
+            )
+        
+        if reraise:
+            raise custom_exception
+        else:
+            return custom_exception
+            
+    except Exception as handling_error:
+        logger.error(f"Error in error handler: {str(handling_error)}")
+        if reraise:
+            raise SilverTableException(f"Error handling failed: {str(handling_error)}")
+        else:
+            return SilverTableException(f"Error handling failed: {str(handling_error)}")
+
+
+# Context manager for database operations
+class DatabaseTransaction:
+    """Context manager for database transactions with proper error handling."""
+    
+    def __init__(self, session):
+        self.session = session
+    
+    async def __aenter__(self):
+        return self.session
+    
+    async def __aexit__(self, exc_type, exc_val, exc_tb):
+        if exc_type is not None:
+            # Rollback on error
+            await self.session.rollback()
+            logger.error(f"Database transaction rolled back due to: {exc_val}")
+        else:
+            # Commit on success
+            try:
+                await self.session.commit()
+            except Exception as e:
+                await self.session.rollback()
+                raise handle_database_error(e, "transaction_commit")
+        
+        await self.session.close()
+
+
+# Decorator for automatic error handling
+def handle_errors(operation: str, reraise: bool = True):
+    """Decorator for automatic error handling in functions."""
+    
+    def decorator(func):
+        async def wrapper(*args, **kwargs):
+            try:
+                return await func(*args, **kwargs)
+            except Exception as e:
+                return log_and_handle_error(e, func.__name__, operation, reraise)
+        
+        return wrapper
+    
+    return decorator

menu_data.py

@@ -0,0 +1,413 @@
+"""
+Taiwanese elderly-friendly meal data for Silver Table Assistant.
+Provides 15-20 nutritious, easy-to-chew meals suitable for seniors.
+"""
+
+from typing import List, Dict, Any
+
+# Taiwanese elderly-friendly menu items
+MENU_ITEMS: List[Dict[str, Any]] = [
+    {
+        "id": 1,
+        "name": "清蒸鱸魚",
+        "description": "新鮮鱸魚配薑絲蒸煮，魚肉嫩滑易咀嚼，富含優質蛋白質",
+        "suitable_for": ["高血壓", "糖尿病", "牙口不好", "清淡飲食"],
+        "image_url": "https://placehold.co/400x300?text=清蒸鱸魚",
+        "nutrition": {
+            "calories": 180,
+            "protein": 25.0,
+            "fat": 8.0,
+            "carbs": 2.0,
+            "sodium": 120,
+            "fiber": 0.5,
+            "sugar": 1.0
+        },
+        "price": 28000,  # 280元 in cents
+        "category": "蛋白質類",
+        "available": True
+    },
+    {
+        "id": 2,
+        "name": "南瓜燉肉",
+        "description": "南瓜與瘦肉慢燉，口感軟糯，富含維生素A和膳食纖維",
+        "suitable_for": ["高血壓", "便秘", "營養不良"],
+        "image_url": "https://placehold.co/400x300?text=南瓜燉肉",
+        "nutrition": {
+            "calories": 220,
+            "protein": 18.0,
+            "fat": 12.0,
+            "carbs": 15.0,
+            "sodium": 200,
+            "fiber": 3.0,
+            "sugar": 8.0
+        },
+        "price": 22000,  # 220元 in cents
+        "category": "葷食類",
+        "available": True
+    },
+    {
+        "id": 3,
+        "name": "白蘿蔔湯",
+        "description": "清淡蘿蔔湯，口感軟嫩，幫助消化，利尿消腫",
+        "suitable_for": ["高血壓", "糖尿病", "便秘", "清淡飲食"],
+        "image_url": "https://placehold.co/400x300?text=白蘿蔔湯",
+        "nutrition": {
+            "calories": 45,
+            "protein": 2.0,
+            "fat": 0.5,
+            "carbs": 9.0,
+            "sodium": 150,
+            "fiber": 2.0,
+            "sugar": 4.0
+        },
+        "price": 8000,  # 80元 in cents
+        "category": "湯品",
+        "available": True
+    },
+    {
+        "id": 4,
+        "name": "蒸蛋羹",
+        "description": "嫩滑蒸蛋，口感柔軟易吞嚥，富含優質蛋白質",
+        "suitable_for": ["牙口不好", "營養不良", "清淡飲食"],
+        "image_url": "https://placehold.co/400x300?text=蒸蛋羹",
+        "nutrition": {
+            "calories": 120,
+            "protein": 10.0,
+            "fat": 8.0,
+            "carbs": 2.0,
+            "sodium": 80,
+            "fiber": 0.0,
+            "sugar": 1.5
+        },
+        "price": 6000,  # 60元 in cents
+        "category": "蛋白質類",
+        "available": True
+    },
+    {
+        "id": 5,
+        "name": "紅棗銀耳湯",
+        "description": "溫潤甜湯，銀耳富含膠質，紅棗補血養顏",
+        "suitable_for": ["糖尿病", "便秘", "美容養顏"],
+        "image_url": "https://placehold.co/400x300?text=紅棗銀耳湯",
+        "nutrition": {
+            "calories": 95,
+            "protein": 1.5,
+            "fat": 0.3,
+            "carbs": 22.0,
+            "sodium": 20,
+            "fiber": 4.0,
+            "sugar": 15.0
+        },
+        "price": 12000,  # 120元 in cents
+        "category": "甜品類",
+        "available": True
+    },
+    {
+        "id": 6,
+        "name": "菠菜豆腐湯",
+        "description": "嫩菠菜配軟豆腐，富含鐵質和蛋白質",
+        "suitable_for": ["高血壓", "糖尿病", "牙口不好"],
+        "image_url": "https://placehold.co/400x300?text=菠菜豆腐湯",
+        "nutrition": {
+            "calories": 85,
+            "protein": 8.0,
+            "fat": 4.0,
+            "carbs": 6.0,
+            "sodium": 180,
+            "fiber": 2.5,
+            "sugar": 2.0
+        },
+        "price": 10000,  # 100元 in cents
+        "category": "蔬菜類",
+        "available": True
+    },
+    {
+        "id": 7,
+        "name": "山藥排骨湯",
+        "description": "滋補湯品，山藥健脾益胃，排骨補充鈣質",
+        "suitable_for": ["高血壓", "糖尿病", "營養不良"],
+        "image_url": "https://placehold.co/400x300?text=山藥排骨湯",
+        "nutrition": {
+            "calories": 165,
+            "protein": 12.0,
+            "fat": 10.0,
+            "carbs": 6.0,
+            "sodium": 220,
+            "fiber": 1.5,
+            "sugar": 2.5
+        },
+        "price": 18000,  # 180元 in cents
+        "category": "湯品",
+        "available": True
+    },
+    {
+        "id": 8,
+        "name": "小米粥",
+        "description": "溫和養胃小米粥，易消化，適合早晚食用",
+        "suitable_for": ["糖尿病", "牙口不好", "清淡飲食"],
+        "image_url": "https://placehold.co/400x300?text=小米粥",
+        "nutrition": {
+            "calories": 120,
+            "protein": 4.0,
+            "fat": 2.0,
+            "carbs": 22.0,
+            "sodium": 50,
+            "fiber": 2.0,
+            "sugar": 1.0
+        },
+        "price": 5000,  # 50元 in cents
+        "category": "主食類",
+        "available": True
+    },
+    {
+        "id": 9,
+        "name": "香菇雞湯",
+        "description": "香菇雞肉湯，鮮美營養，增強免疫力",
+        "suitable_for": ["高血壓", "營養不良", "清淡飲食"],
+        "image_url": "https://placehold.co/400x300?text=香菇雞湯",
+        "nutrition": {
+            "calories": 150,
+            "protein": 20.0,
+            "fat": 6.0,
+            "carbs": 3.0,
+            "sodium": 280,
+            "fiber": 1.0,
+            "sugar": 1.5
+        },
+        "price": 16000,  # 160元 in cents
+        "category": "湯品",
+        "available": True
+    },
+    {
+        "id": 10,
+        "name": "冬瓜排骨湯",
+        "description": "清淡冬瓜湯，利尿消腫，適合夏季食用",
+        "suitable_for": ["高血壓", "糖尿病", "水腫"],
+        "image_url": "https://placehold.co/400x300?text=冬瓜排骨湯",
+        "nutrition": {
+            "calories": 110,
+            "protein": 10.0,
+            "fat": 6.0,
+            "carbs": 5.0,
+            "sodium": 200,
+            "fiber": 1.5,
+            "sugar": 3.0
+        },
+        "price": 14000,  # 140元 in cents
+        "category": "湯品",
+        "available": True
+    },
+    {
+        "id": 11,
+        "name": "紫薯泥",
+        "description": "軟糯紫薯泥，富含花青素和膳食纖維",
+        "suitable_for": ["糖尿病", "便秘", "抗氧化"],
+        "image_url": "https://placehold.co/400x300?text=紫薯泥",
+        "nutrition": {
+            "calories": 130,
+            "protein": 2.5,
+            "fat": 0.3,
+            "carbs": 30.0,
+            "sodium": 30,
+            "fiber": 4.0,
+            "sugar": 8.0
+        },
+        "price": 7000,  # 70元 in cents
+        "category": "副食類",
+        "available": True
+    },
+    {
+        "id": 12,
+        "name": "蓮子銀耳湯",
+        "description": "養生甜湯，蓮子寧心安神，銀耳潤肺",
+        "suitable_for": ["失眠", "便秘", "美容養顏"],
+        "image_url": "https://placehold.co/400x300?text=蓮子銀耳湯",
+        "nutrition": {
+            "calories": 85,
+            "protein": 2.0,
+            "fat": 0.2,
+            "carbs": 20.0,
+            "sodium": 15,
+            "fiber": 3.5,
+            "sugar": 12.0
+        },
+        "price": 11000,  # 110元 in cents
+        "category": "甜品類",
+        "available": True
+    },
+    {
+        "id": 13,
+        "name": "蒸蛋",
+        "description": "嫩滑蒸蛋，簡單易消化，營養豐富",
+        "suitable_for": ["牙口不好", "營養不良", "清淡飲食"],
+        "image_url": "https://placehold.co/400x300?text=蒸蛋",
+        "nutrition": {
+            "calories": 100,
+            "protein": 8.0,
+            "fat": 7.0,
+            "carbs": 1.0,
+            "sodium": 70,
+            "fiber": 0.0,
+            "sugar": 1.0
+        },
+        "price": 4000,  # 40元 in cents
+        "category": "蛋白質類",
+        "available": True
+    },
+    {
+        "id": 14,
+        "name": "木瓜牛奶",
+        "description": "溫潤木瓜牛奶，有助消化，補充維生素",
+        "suitable_for": ["便秘", "美容養顏", "清淡飲食"],
+        "image_url": "https://placehold.co/400x300?text=木瓜牛奶",
+        "nutrition": {
+            "calories": 150,
+            "protein": 8.0,
+            "fat": 6.0,
+            "carbs": 18.0,
+            "sodium": 120,
+            "fiber": 2.0,
+            "sugar": 16.0
+        },
+        "price": 9000,  # 90元 in cents
+        "category": "飲品類",
+        "available": True
+    },
+    {
+        "id": 15,
+        "name": "豆腐腦",
+        "description": "嫩滑豆腐腦，易吞嚥，富含植物蛋白",
+        "suitable_for": ["牙口不好", "高血壓", "清淡飲食"],
+        "image_url": "https://placehold.co/400x300?text=豆腐腦",
+        "nutrition": {
+            "calories": 80,
+            "protein": 6.0,
+            "fat": 4.0,
+            "carbs": 4.0,
+            "sodium": 160,
+            "fiber": 1.0,
+            "sugar": 2.0
+        },
+        "price": 3500,  # 35元 in cents
+        "category": "蛋白質類",
+        "available": True
+    },
+    {
+        "id": 16,
+        "name": "燕窩粥",
+        "description": "滋補燕窩粥，美容養顏，滋陰潤燥",
+        "suitable_for": ["糖尿病", "美容養顏", "營養不良"],
+        "image_url": "https://placehold.co/400x300?text=燕窩粥",
+        "nutrition": {
+            "calories": 140,
+            "protein": 6.0,
+            "fat": 1.5,
+            "carbs": 26.0,
+            "sodium": 40,
+            "fiber": 1.0,
+            "sugar": 3.0
+        },
+        "price": 35000,  # 350元 in cents
+        "category": "主食類",
+        "available": True
+    },
+    {
+        "id": 17,
+        "name": "胡蘿蔔泥",
+        "description": "軟嫩胡蘿蔔泥，富含維生素A，保護視力",
+        "suitable_for": ["高血壓", "便秘", "護眼"],
+        "image_url": "https://placehold.co/400x300?text=胡蘿蔔泥",
+        "nutrition": {
+            "calories": 60,
+            "protein": 1.5,
+            "fat": 0.3,
+            "carbs": 14.0,
+            "sodium": 80,
+            "fiber": 3.5,
+            "sugar": 7.0
+        },
+        "price": 4500,  # 45元 in cents
+        "category": "副食類",
+        "available": True
+    },
+    {
+        "id": 18,
+        "name": "綠豆湯",
+        "description": "清熱解毒綠豆湯，消暑降火，利尿",
+        "suitable_for": ["高血壓", "水腫", "清熱解毒"],
+        "image_url": "https://placehold.co/400x300?text=綠豆湯",
+        "nutrition": {
+            "calories": 110,
+            "protein": 7.0,
+            "fat": 0.5,
+            "carbs": 22.0,
+            "sodium": 25,
+            "fiber": 6.0,
+            "sugar": 2.0
+        },
+        "price": 6500,  # 65元 in cents
+        "category": "甜品類",
+        "available": True
+    },
+    {
+        "id": 19,
+        "name": "雞肉粥",
+        "description": "營養雞肉粥，溫和養胃，適合病後調養",
+        "suitable_for": ["牙口不好", "營養不良", "腸胃虚弱"],
+        "image_url": "https://placehold.co/400x300?text=雞肉粥",
+        "nutrition": {
+            "calories": 160,
+            "protein": 12.0,
+            "fat": 4.0,
+            "carbs": 18.0,
+            "sodium": 180,
+            "fiber": 1.0,
+            "sugar": 1.5
+        },
+        "price": 15000,  # 150元 in cents
+        "category": "主食類",
+        "available": True
+    },
+    {
+        "id": 20,
+        "name": "紫菜蛋花湯",
+        "description": "清淡紫菜湯，富含碘質，有助甲狀腺健康",
+        "suitable_for": ["高血壓", "糖尿病", "清淡飲食"],
+        "image_url": "https://placehold.co/400x300?text=紫菜蛋花湯",
+        "nutrition": {
+            "calories": 40,
+            "protein": 3.0,
+            "fat": 2.0,
+            "carbs": 2.0,
+            "sodium": 200,
+            "fiber": 1.0,
+            "sugar": 1.0
+        },
+        "price": 5500,  # 55元 in cents
+        "category": "湯品",
+        "available": True
+    }
+]
+
+
+def get_menu_items() -> List[Dict[str, Any]]:
+    """Return the complete list of menu items."""
+    return MENU_ITEMS
+
+
+def get_menu_item_by_id(item_id: int) -> Dict[str, Any]:
+    """Get a specific menu item by ID."""
+    for item in MENU_ITEMS:
+        if item["id"] == item_id:
+            return item
+    raise ValueError(f"Menu item with ID {item_id} not found")
+
+
+def filter_menu_by_dietary_tag(tag: str) -> List[Dict[str, Any]]:
+    """Filter menu items by dietary tag."""
+    return [item for item in MENU_ITEMS if tag in item["suitable_for"]]
+
+
+def get_menu_items_by_category(category: str) -> List[Dict[str, Any]]:
+    """Filter menu items by category."""
+    return [item for item in MENU_ITEMS if item["category"] == category]

models.py

@@ -0,0 +1,254 @@
+"""
+SQLModel database models for Silver Table Assistant.
+Defines the data structure for profiles, orders, donations, and menu items.
+"""
+
+from datetime import datetime
+from typing import Optional, Dict, Any, List
+from uuid import UUID, uuid4
+
+from sqlmodel import SQLModel, Field, Column, JSON
+from sqlalchemy import Column as SQLColumn, DateTime
+from sqlalchemy.dialects.postgresql import UUID as PostgresUUID
+from sqlalchemy.sql import func
+from enum import Enum
+
+
+class OrderStatus(str, Enum):
+    """Order status enumeration."""
+    PENDING = "pending"
+    PAID = "paid"
+    COMPLETED = "completed"
+    CANCELLED = "cancelled"
+
+
+class DonationStatus(str, Enum):
+    """Donation status enumeration."""
+    PENDING = "pending"
+    COMPLETED = "completed"
+    FAILED = "failed"
+    CANCELLED = "cancelled"
+
+
+class Profile(SQLModel, table=True):
+    """Senior profile model for storing health and dietary information."""
+    
+    id: UUID = Field(
+        default_factory=uuid4,
+        sa_column=SQLColumn(PostgresUUID(as_uuid=True), primary_key=True)
+    )
+    user_id: UUID = Field(
+        description="Reference to the owner user",
+        index=True
+    )
+    name: str = Field(
+        max_length=255,
+        description="Senior's name"
+    )
+    age: int = Field(
+        description="Senior's age",
+        ge=0,
+        le=150
+    )
+    gender: str = Field(
+        max_length=20,
+        description="Senior's gender (male/female)"
+    )
+    height: float = Field(
+        description="Senior's height in cm"
+    )
+    weight: float = Field(
+        description="Senior's weight in kg"
+    )
+    # Using JSON for lists to maintain simplicity across DBs
+    chronic_diseases: List[str] = Field(
+        default_factory=list,
+        sa_column=SQLColumn(JSON)
+    )
+    dietary_restrictions: List[str] = Field(
+        default_factory=list,
+        sa_column=SQLColumn(JSON)
+    )
+    chewing_ability: str = Field(
+        default="normal",
+        max_length=50,
+        description="normal, soft, or pureed"
+    )
+    avatar_url: Optional[str] = Field(
+        default=None,
+        max_length=500
+    )
+    created_at: datetime = Field(
+        default_factory=func.now,
+        sa_column=SQLColumn(DateTime(timezone=True), server_default=func.now())
+    )
+    updated_at: datetime = Field(
+        default_factory=datetime.utcnow,
+        sa_column=SQLColumn(DateTime(timezone=True), server_default=func.now(), onupdate=func.now())
+    )
+
+
+class Order(SQLModel, table=True):
+    """Order model for storing food orders and payment information."""
+    
+    id: Optional[UUID] = Field(
+        default_factory=uuid4,
+        sa_column=SQLColumn(PostgresUUID(as_uuid=True), primary_key=True)
+    )
+    profile_id: UUID = Field(
+        foreign_key="profile.id",
+        description="Reference to the profile that made this order",
+        index=True
+    )
+    items: Dict[str, Any] = Field(
+        sa_column=Column(JSON),
+        description="JSON object containing order items with quantities and details"
+    )
+    total_amount: int = Field(
+        description="Total order amount in cents",
+        ge=0
+    )
+    status: str = Field(
+        default=OrderStatus.PENDING.value,
+        description="Order status: pending, paid, completed, cancelled",
+        max_length=50
+    )
+    stripe_session_id: Optional[str] = Field(
+        default=None,
+        description="Stripe checkout session ID for payment tracking",
+        max_length=1000
+    )
+    created_at: datetime = Field(
+        default_factory=func.now,
+        sa_column=SQLColumn(DateTime(timezone=True), server_default=func.now())
+    )
+    updated_at: datetime = Field(
+        default_factory=datetime.utcnow,
+        sa_column=SQLColumn(DateTime(timezone=True), server_default=func.now(), onupdate=func.now())
+    )
+
+
+class Donation(SQLModel, table=True):
+    """Donation model for storing donation information and payment details."""
+    
+    id: Optional[UUID] = Field(
+        default_factory=uuid4,
+        sa_column=SQLColumn(PostgresUUID(as_uuid=True), primary_key=True)
+    )
+    user_id: Optional[UUID] = Field(
+        default=None,
+        description="Optional reference to authenticated user",
+        index=True
+    )
+    donor_name: Optional[str] = Field(
+        default=None,
+        description="Donor's name (optional for anonymous donations)",
+        max_length=255
+    )
+    amount: int = Field(
+        description="Donation amount in cents",
+        ge=1
+    )
+    status: str = Field(
+        default=DonationStatus.PENDING.value,
+        description="Donation status: pending, completed, failed, cancelled",
+        max_length=50
+    )
+    stripe_session_id: Optional[str] = Field(
+        default=None,
+        description="Stripe checkout session ID for payment tracking",
+        max_length=1000
+    )
+    created_at: datetime = Field(
+        default_factory=func.now,
+        sa_column=SQLColumn(DateTime(timezone=True), server_default=func.now())
+    )
+    updated_at: datetime = Field(
+        default_factory=datetime.utcnow,
+        sa_column=SQLColumn(DateTime(timezone=True), server_default=func.now(), onupdate=func.now())
+    )
+
+
+class MenuItem(SQLModel, table=True):
+    """Menu item model for storing available food items and their nutritional information."""
+    
+    id: Optional[int] = Field(
+        default=None,
+        primary_key=True,
+        description="Menu item ID"
+    )
+    name: str = Field(
+        max_length=255,
+        description="Name of the menu item"
+    )
+    description: Optional[str] = Field(
+        default=None,
+        description="Detailed description of the menu item",
+        max_length=1000
+    )
+    suitable_for: List[str] = Field(
+        default_factory=list,
+        sa_column=Column(JSON),
+        description="List of suitable health conditions (e.g., ['高血壓', '牙口不好'])"
+    )
+    image_url: Optional[str] = Field(
+        default=None,
+        description="URL to the menu item image",
+        max_length=500
+    )
+    nutrition: Dict[str, Any] = Field(
+        sa_column=Column(JSON),
+        description="JSON object containing nutritional information (calories, protein, carbs, etc.)"
+    )
+    price: int = Field(
+        description="Price of the menu item in cents",
+        ge=0
+    )
+    category: Optional[str] = Field(
+        default=None,
+        description="Food category (e.g., 蛋白質類, 葷食類)",
+        max_length=100
+    )
+    available: bool = Field(
+        default=True,
+        description="Whether this menu item is currently available"
+    )
+    created_at: datetime = Field(
+        default_factory=func.now,
+        sa_column=SQLColumn(DateTime(timezone=True), server_default=func.now())
+    )
+
+
+# Chat conversation model for storing AI chat history
+class ChatConversation(SQLModel, table=True):
+    """Chat conversation model for storing AI chat history with users."""
+    
+    id: Optional[int] = Field(
+        default=None,
+        primary_key=True,
+        description="Chat conversation ID"
+    )
+    profile_id: Optional[UUID] = Field(
+        default=None,
+        foreign_key="profile.id",
+        description="Reference to the profile",
+        index=True
+    )
+    message: str = Field(
+        description="User's message",
+        max_length=5000
+    )
+    response: Optional[str] = Field(
+        default=None,
+        description="AI assistant's response",
+        max_length=5000
+    )
+    meta_data: Optional[Dict[str, Any]] = Field(
+        default={},
+        sa_column=Column(JSON),
+        description="Additional metadata (e.g., context, recommendations)"
+    )
+    created_at: datetime = Field(
+        default_factory=func.now,
+        sa_column=SQLColumn(DateTime(timezone=True), server_default=func.now())
+    )

rag.py

@@ -0,0 +1,469 @@
+"""
+RAG (Retrieval-Augmented Generation) service for Silver Table Assistant.
+Handles document loading, vector storage, and similarity search using Supabase vector store.
+"""
+
+import os
+import logging
+from pathlib import Path
+from typing import List, Optional, Dict, Any
+from uuid import uuid4
+
+import asyncio
+from langchain_openai import OpenAIEmbeddings
+from langchain_community.document_loaders import PyPDFLoader, UnstructuredMarkdownLoader
+from langchain_community.vectorstores import SupabaseVectorStore
+from langchain_text_splitters import RecursiveCharacterTextSplitter
+from supabase import create_client, Client
+from langchain_core.documents import Document
+from cache import DocumentCache, document_cache, cache_result
+
+# Configure logging
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+
+class RAGService:
+    """RAG service for document management and similarity search."""
+    
+    def __init__(self):
+        """Initialize RAG service with OpenAI embeddings (via LiteLLM) and Supabase vector store."""
+        # Environment variables
+        self.supabase_url = os.getenv("SUPABASE_URL")
+        self.supabase_service_key = os.getenv("SUPABASE_SERVICE_ROLE_KEY")
+        self.openai_api_key = os.getenv("OPENAI_API_KEY") or os.getenv("LITELLM_API_KEY", "sk-eT_04m428oAPUD5kUmIhVA")
+        self.openai_base_url = os.getenv("OPENAI_BASE_URL") or os.getenv("LITELLM_BASE_URL", "https://litellm-ekkks8gsocw.dgx-coolify.apmic.ai/")
+        
+        if not all([self.supabase_url, self.supabase_service_key, self.openai_api_key]):
+            raise ValueError("Missing required environment variables: SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY, OPENAI_API_KEY or LITELLM_API_KEY")
+        
+        # Initialize OpenAI embeddings (works with LiteLLM compatible endpoints)
+        embed_kwargs = {
+            "model": "azure-text-embedding-3-large",
+            "openai_api_key": self.openai_api_key
+        }
+        if self.openai_base_url:
+            embed_kwargs["openai_api_base"] = self.openai_base_url
+        
+        self.embeddings = OpenAIEmbeddings(**embed_kwargs)
+        logger.info(f"Initialized OpenAIEmbeddings with base_url: {self.openai_base_url}")
+        
+        # Initialize Supabase client
+        self.supabase_client: Client = create_client(
+            self.supabase_url, 
+            self.supabase_service_key
+        )
+        
+        # Initialize Supabase vector store
+        self.vector_store = SupabaseVectorStore(
+            client=self.supabase_client,
+            embedding=self.embeddings,
+            table_name="documents",
+            query_name="match_documents"
+        )
+        
+        # Text splitter for document chunking
+        self.text_splitter = RecursiveCharacterTextSplitter(
+            chunk_size=1000,
+            chunk_overlap=200,
+            length_function=len,
+            is_separator_regex=False,
+        )
+    
+    async def load_knowledge_base(self, data_dir: str = "backend/data") -> Dict[str, Any]:
+        """
+        Load and process documents from the data directory.
+        
+        Args:
+            data_dir: Path to directory containing documents
+            
+        Returns:
+            Dictionary with processing results
+        """
+        logger.info(f"Loading knowledge base from {data_dir}")
+        
+        data_path = Path(data_dir)
+        if not data_path.exists():
+            raise ValueError(f"Data directory {data_dir} does not exist")
+        
+        # Track processing results
+        results = {
+            "total_files": 0,
+            "processed_files": 0,
+            "failed_files": 0,
+            "total_chunks": 0,
+            "errors": []
+        }
+        
+        # Find all PDF and MD files
+        pdf_files = list(data_path.glob("**/*.pdf"))
+        md_files = list(data_path.glob("**/*.md"))
+        all_files = pdf_files + md_files
+        
+        results["total_files"] = len(all_files)
+        
+        if not all_files:
+            logger.warning(f"No PDF or MD files found in {data_dir}")
+            return results
+        
+        logger.info(f"Found {len(all_files)} files to process")
+        
+        # Process each file
+        for file_path in all_files:
+            try:
+                await self._process_file(file_path, results)
+            except Exception as e:
+                error_msg = f"Failed to process {file_path}: {str(e)}"
+                logger.error(error_msg)
+                results["errors"].append(error_msg)
+                results["failed_files"] += 1
+        
+        logger.info(f"Knowledge base loading completed: {results}")
+        return results
+    
+    async def _process_file(self, file_path: Path, results: Dict[str, Any]) -> None:
+        """
+        Process a single file and add to vector store.
+        
+        Args:
+            file_path: Path to the file
+            results: Results dictionary to update
+        """
+        logger.info(f"Processing file: {file_path}")
+        
+        # Load document based on file type
+        if file_path.suffix.lower() == ".pdf":
+            loader = PyPDFLoader(str(file_path))
+            documents = loader.load()
+        elif file_path.suffix.lower() == ".md":
+            # Try UnstructuredMarkdownLoader first, fallback to simple text loading
+            try:
+                loader = UnstructuredMarkdownLoader(str(file_path))
+                documents = loader.load()
+            except Exception:
+                # Fallback to simple text loading
+                with open(file_path, 'r', encoding='utf-8') as f:
+                    content = f.read()
+                documents = [Document(page_content=content, metadata={"source": str(file_path)})]
+        else:
+            raise ValueError(f"Unsupported file type: {file_path.suffix}")
+        
+        # Split documents into chunks
+        chunks = self.text_splitter.split_documents(documents)
+        
+        # Add metadata to chunks
+        for chunk in chunks:
+            chunk.metadata["source"] = str(file_path)
+            chunk.metadata["file_name"] = file_path.name
+            chunk.metadata["chunk_id"] = str(uuid4())
+        
+        # Add chunks to vector store
+        if chunks:
+            await self.vector_store.aadd_documents(chunks)
+            results["processed_files"] += 1
+            results["total_chunks"] += len(chunks)
+            logger.info(f"Added {len(chunks)} chunks from {file_path}")
+        else:
+            logger.warning(f"No chunks generated from {file_path}")
+    
+    @cache_result(document_cache, "rag_documents", ttl=1800)
+    async def get_relevant_documents(self, query: str, k: int = 8) -> List[Document]:
+        """
+        Perform similarity search to find relevant documents with caching.
+        
+        Args:
+            query: Search query
+            k: Number of documents to return (default: 8)
+            
+        Returns:
+            List of relevant Document objects
+        """
+        logger.info(f"Searching for relevant documents with query: '{query}' (k={k})")
+        
+        try:
+            # Check cache first
+            cached_results = DocumentCache.get_relevant_documents(query, k)
+            if cached_results is not None:
+                logger.info(f"Returning cached results for query: '{query}'")
+                return cached_results
+            
+            # Perform similarity search
+            try:
+                results = await self.vector_store.asimilarity_search(query, k=k)
+            except Exception as e:
+                if "'SyncRPCFilterRequestBuilder' object has no attribute 'params'" in str(e) or "'AsyncRPCFilterRequestBuilder' object has no attribute 'params'" in str(e):
+                    logger.warning(f"SupabaseVectorStore incompatibility detected, using manual RPC: {str(e)}")
+                    # Manual RPC fallback
+                    embedding = await self.embeddings.aembed_query(query)
+                    res = self.supabase_client.rpc(
+                        "match_documents",
+                        {
+                            "query_embedding": embedding,
+                            "match_threshold": 0.1,
+                            "match_count": k,
+                        }
+                    ).execute()
+                    
+                    results = []
+                    for row in res.data:
+                        results.append(Document(
+                            page_content=row["content"],
+                            metadata=row["metadata"]
+                        ))
+                else:
+                    raise e
+            
+            # Cache the results
+            DocumentCache.set_relevant_documents(query, k, results)
+            
+            logger.info(f"Found {len(results)} relevant documents")
+            return results
+        except Exception as e:
+            logger.error(f"Error during similarity search: {str(e)}")
+            return []
+    
+    @cache_result(document_cache, "rag_documents_scored", ttl=1800)
+    async def get_relevant_documents_with_scores(self, query: str, k: int = 8, score_threshold: float = 0.7) -> List[Document]:
+        """
+        Perform similarity search with score threshold and pagination support.
+        
+        Args:
+            query: Search query
+            k: Number of documents to return
+            score_threshold: Minimum similarity score
+            
+        Returns:
+            List of relevant Document objects above threshold
+        """
+        logger.info(f"Searching for relevant documents with query: '{query}' (k={k}, threshold={score_threshold})")
+        
+        try:
+            # Check cache first
+            cached_results = DocumentCache.get_relevant_documents(query, k, score_threshold)
+            if cached_results is not None:
+                logger.info(f"Returning cached scored results for query: '{query}'")
+                return cached_results
+            
+            # Perform similarity search with scores
+            try:
+                results = await self.vector_store.asimilarity_search_with_score(query, k=k*2)  # Get more to filter
+                filtered_results = [doc for doc, score in results if score >= score_threshold][:k]
+            except Exception as e:
+                if "'SyncRPCFilterRequestBuilder' object has no attribute 'params'" in str(e) or "'AsyncRPCFilterRequestBuilder' object has no attribute 'params'" in str(e):
+                    logger.warning(f"SupabaseVectorStore incompatibility detected in scored search, using manual RPC: {str(e)}")
+                    # Manual RPC fallback
+                    embedding = await self.embeddings.aembed_query(query)
+                    res = self.supabase_client.rpc(
+                        "match_documents",
+                        {
+                            "query_embedding": embedding,
+                            "match_threshold": score_threshold,
+                            "match_count": k,
+                        }
+                    ).execute()
+                    
+                    filtered_results = []
+                    for row in res.data:
+                        filtered_results.append(Document(
+                            page_content=row["content"],
+                            metadata=row["metadata"]
+                        ))
+                else:
+                    raise e
+            
+            # Cache the results
+            DocumentCache.set_relevant_documents(query, k, filtered_results, score_threshold)
+            
+            logger.info(f"Found {len(filtered_results)} relevant documents above threshold")
+            return filtered_results
+        except Exception as e:
+            logger.error(f"Error during similarity search with scores: {str(e)}")
+            return []
+    
+    async def get_relevant_documents_paginated(
+        self, 
+        query: str, 
+        page: int = 1, 
+        page_size: int = 10, 
+        score_threshold: Optional[float] = None
+    ) -> Dict[str, Any]:
+        """
+        Perform paginated similarity search.
+        
+        Args:
+            query: Search query
+            page: Page number (1-indexed)
+            page_size: Number of documents per page
+            score_threshold: Minimum similarity score (optional)
+            
+        Returns:
+            Dictionary with documents, pagination info, and metadata
+        """
+        logger.info(f"Paginated search for query: '{query}' (page={page}, page_size={page_size})")
+        
+        try:
+            # Calculate total number needed (get more for pagination)
+            total_needed = page * page_size
+            
+            # Perform search with more results for pagination
+            if score_threshold:
+                results = await self.get_relevant_documents_with_scores(query, k=total_needed, score_threshold=score_threshold)
+            else:
+                results = await self.get_relevant_documents(query, k=total_needed)
+            
+            # Paginate results
+            start_idx = (page - 1) * page_size
+            end_idx = start_idx + page_size
+            paginated_results = results[start_idx:end_idx]
+            
+            # Calculate pagination metadata
+            total_results = len(results)
+            total_pages = (total_results + page_size - 1) // page_size  # Ceiling division
+            has_next = page < total_pages
+            has_prev = page > 1
+            
+            return {
+                "documents": paginated_results,
+                "pagination": {
+                    "page": page,
+                    "page_size": page_size,
+                    "total_results": total_results,
+                    "total_pages": total_pages,
+                    "has_next": has_next,
+                    "has_prev": has_prev,
+                    "start_index": start_idx,
+                    "end_index": end_idx
+                },
+                "query": query,
+                "score_threshold": score_threshold
+            }
+            
+        except Exception as e:
+            logger.error(f"Error during paginated search: {str(e)}")
+            return {
+                "documents": [],
+                "pagination": {
+                    "page": page,
+                    "page_size": page_size,
+                    "total_results": 0,
+                    "total_pages": 0,
+                    "has_next": False,
+                    "has_prev": False,
+                    "start_index": 0,
+                    "end_index": 0
+                },
+                "query": query,
+                "score_threshold": score_threshold,
+                "error": str(e)
+            }
+    
+    async def get_document_count(self) -> int:
+        """
+        Get the total number of documents in the vector store.
+        
+        Returns:
+            Total number of documents
+        """
+        try:
+            # This is a simplified approach - in a real implementation,
+            # you'd want to query the Supabase table directly
+            result = self.supabase_client.table("documents").select("id", count="exact").execute()
+            return result.count if result.count else 0
+        except Exception as e:
+            logger.error(f"Error getting document count: {str(e)}")
+            return 0
+    
+    async def clear_knowledge_base(self) -> bool:
+        """
+        Clear all documents from the vector store.
+        
+        Returns:
+            True if successful, False otherwise
+        """
+        try:
+            # Delete all documents from the table
+            result = self.supabase_client.table("documents").delete().gte("id", "").execute()
+            logger.info("Knowledge base cleared successfully")
+            return True
+        except Exception as e:
+            logger.error(f"Error clearing knowledge base: {str(e)}")
+            return False
+
+
+# Global RAG service instance
+rag_service: Optional[RAGService] = None
+
+
+def get_rag_service() -> RAGService:
+    """
+    Get or create the global RAG service instance.
+    
+    Returns:
+        RAGService instance
+    """
+    global rag_service
+    if rag_service is None:
+        rag_service = RAGService()
+    return rag_service
+
+
+# Convenience functions for backward compatibility
+async def load_knowledge_base(data_dir: str = "backend/data") -> Dict[str, Any]:
+    """Load knowledge base documents."""
+    service = get_rag_service()
+    return await service.load_knowledge_base(data_dir)
+
+
+async def get_relevant_documents(query: str, k: int = 8) -> List[Document]:
+    """Get relevant documents for a query."""
+    service = get_rag_service()
+    return await service.get_relevant_documents(query, k)
+
+
+async def get_relevant_documents_with_scores(query: str, k: int = 8, score_threshold: float = 0.7) -> List[Document]:
+    """Get relevant documents with similarity scores."""
+    service = get_rag_service()
+    return await service.get_relevant_documents_with_scores(query, k, score_threshold)
+
+
+if __name__ == "__main__":
+    """
+    Main block for testing and manual knowledge base loading.
+    """
+    async def main():
+        """Main function for testing."""
+        print("Loading knowledge base...")
+        
+        try:
+            # Initialize and load knowledge base
+            service = get_rag_service()
+            results = await service.load_knowledge_base()
+            
+            print(f"Knowledge base loading results:")
+            print(f"- Total files: {results['total_files']}")
+            print(f"- Processed files: {results['processed_files']}")
+            print(f"- Failed files: {results['failed_files']}")
+            print(f"- Total chunks: {results['total_chunks']}")
+            
+            if results['errors']:
+                print(f"- Errors: {len(results['errors'])}")
+                for error in results['errors']:
+                    print(f"  * {error}")
+            
+            # Test search functionality
+            test_query = "高血壓飲食建議"
+            print(f"\nTesting search with query: '{test_query}'")
+            documents = await service.get_relevant_documents(test_query)
+            
+            print(f"Found {len(documents)} relevant documents:")
+            for i, doc in enumerate(documents, 1):
+                print(f"{i}. {doc.metadata.get('file_name', 'Unknown')} - {doc.page_content[:100]}...")
+            
+            print(f"\nTotal documents in vector store: {await service.get_document_count()}")
+            
+        except Exception as e:
+            print(f"Error: {str(e)}")
+            raise
+    
+    # Run the main function
+    asyncio.run(main())

requirements.txt

@@ -0,0 +1,35 @@
+# Web Framework
+fastapi
+uvicorn[standard]
+gradio
+
+# Database
+sqlalchemy
+sqlmodel
+asyncpg
+pgvector
+
+# AI/ML
+langchain
+langchain-openai
+langchain-community
+tiktoken
+
+# External Services
+supabase
+stripe
+httpx
+
+# Utilities
+python-dotenv
+pypdf
+
+# Security and Validation
+PyJWT
+cryptography
+
+
+# Development (optional)
+# pytest==7.4.3
+# pytest-asyncio==0.21.1
+# greenlet==3.3.0

schemas.py

@@ -0,0 +1,275 @@
+"""
+Pydantic schemas for request/response models in Silver Table Assistant API.
+Provides data validation and serialization for all API endpoints.
+"""
+
+from datetime import datetime
+from typing import Optional, Dict, Any, List
+from uuid import UUID
+
+from pydantic import BaseModel, Field, validator
+
+
+# ========== Chat Schemas ==========
+
+class ChatRequest(BaseModel):
+    """Schema for chat request messages."""
+    
+    message: str = Field(..., min_length=1, max_length=2000, description="User's message to the assistant")
+    profile_id: Optional[UUID] = Field(default=None, description="Profile ID for personalized responses")
+
+
+class ChatResponse(BaseModel):
+    """Schema for chat response messages."""
+    
+    message: str = Field(..., description="Assistant's response message")
+    session_id: str = Field(..., description="Chat session identifier")
+    recommendations: Optional[List[Dict[str, Any]]] = Field(default=None, description="Food recommendations based on chat")
+    metadata: Optional[Dict[str, Any]] = Field(default=None, description="Additional response metadata")
+
+
+# ========== Profile Schemas ==========
+
+class ProfileBase(BaseModel):
+    """Base profile schema with common fields."""
+    
+    name: str = Field(..., min_length=1, max_length=255, description="Senior's name")
+    age: int = Field(..., ge=0, le=120, description="Senior's age")
+    gender: str = Field(..., description="Senior's gender (male/female)")
+    height: float = Field(..., ge=50, le=250, description="Senior's height in cm")
+    weight: float = Field(..., ge=20, le=200, description="Senior's weight in kg")
+    chronic_diseases: List[str] = Field(default_factory=list, description="List of chronic diseases")
+    dietary_restrictions: List[str] = Field(default_factory=list, description="List of dietary restrictions")
+    chewing_ability: str = Field(default="normal", description="normal, soft, or pureed")
+    avatar_url: Optional[str] = Field(default=None, max_length=500, description="Avatar image URL")
+
+
+class ProfileCreate(ProfileBase):
+    """Schema for creating a new profile."""
+    id: Optional[UUID] = Field(default=None, description="Optional Profile ID for updates")
+
+
+class ProfileUpdate(BaseModel):
+    """Schema for updating an existing profile."""
+    
+    id: Optional[UUID] = Field(default=None)
+    name: Optional[str] = Field(default=None, min_length=1, max_length=255)
+    age: Optional[int] = Field(default=None, ge=0, le=120)
+    gender: Optional[str] = Field(default=None)
+    height: Optional[float] = Field(default=None, ge=50, le=250)
+    weight: Optional[float] = Field(default=None, ge=20, le=200)
+    chronic_diseases: Optional[List[str]] = Field(default=None)
+    dietary_restrictions: Optional[List[str]] = Field(default=None)
+    chewing_ability: Optional[str] = Field(default=None)
+    avatar_url: Optional[str] = Field(default=None, max_length=500)
+
+
+class ProfileRead(ProfileBase):
+    """Schema for reading profile data."""
+    
+    id: UUID
+    user_id: UUID
+    created_at: datetime
+    updated_at: datetime
+
+    class Config:
+        from_attributes = True
+
+
+# ========== Menu Item Schemas ==========
+
+class MenuItemBase(BaseModel):
+    """Base menu item schema with common fields."""
+    
+    name: str = Field(..., min_length=1, max_length=255, description="Name of the menu item")
+    description: Optional[str] = Field(default=None, max_length=1000, description="Item description")
+    suitable_for: List[str] = Field(default_factory=list, description="Suitable for health conditions")
+    image_url: Optional[str] = Field(default=None, max_length=500, description="Image URL")
+    nutrition: Dict[str, Any] = Field(..., description="Nutritional information")
+    price: int = Field(..., ge=0, description="Price in cents")
+    category: Optional[str] = Field(default=None, max_length=100, description="Food category")
+    available: bool = Field(default=True, description="Availability status")
+
+
+class MenuItemCreate(MenuItemBase):
+    """Schema for creating a new menu item."""
+    pass
+
+
+class MenuItemUpdate(BaseModel):
+    """Schema for updating an existing menu item."""
+    
+    name: Optional[str] = Field(default=None, min_length=1, max_length=255)
+    description: Optional[str] = Field(default=None, max_length=1000)
+    suitable_for: Optional[List[str]] = Field(default=None)
+    image_url: Optional[str] = Field(default=None, max_length=500)
+    nutrition: Optional[Dict[str, Any]] = Field(default=None)
+    price: Optional[int] = Field(default=None, ge=0)
+    category: Optional[str] = Field(default=None, max_length=100)
+    available: Optional[bool] = Field(default=None)
+
+
+class MenuItemRead(MenuItemBase):
+    """Schema for reading menu item data."""
+    
+    id: int
+    created_at: datetime
+
+    class Config:
+        from_attributes = True
+
+
+# ========== Order Schemas ==========
+
+class OrderItem(BaseModel):
+    """Schema for individual order items."""
+    
+    menu_item_id: int
+    quantity: int = Field(..., gt=0, description="Quantity of this item")
+    special_instructions: Optional[str] = Field(default=None, max_length=500, description="Special preparation instructions")
+
+
+class OrderBase(BaseModel):
+    """Base order schema with common fields."""
+    
+    items: List[OrderItem] = Field(..., min_items=1, description="List of order items")
+    total_amount: int = Field(..., ge=0, description="Total amount in cents")
+
+
+class OrderCreate(OrderBase):
+    """Schema for creating a new order."""
+    
+    profile_id: UUID = Field(..., description="ID of the profile making the order")
+
+
+class OrderUpdate(BaseModel):
+    """Schema for updating an existing order."""
+    
+    status: Optional[str] = Field(default=None, description="Order status")
+    items: Optional[List[OrderItem]] = Field(default=None, min_items=1)
+    total_amount: Optional[int] = Field(default=None, ge=0)
+
+
+class OrderRead(OrderBase):
+    """Schema for reading order data."""
+    
+    id: UUID
+    profile_id: UUID
+    status: str
+    stripe_session_id: Optional[str]
+    checkout_url: Optional[str] = None
+    created_at: datetime
+    updated_at: datetime
+
+    class Config:
+        from_attributes = True
+
+
+# ========== Donation Schemas ==========
+
+class DonationBase(BaseModel):
+    """Base donation schema with common fields."""
+    
+    amount: int = Field(..., gt=0, description="Donation amount in cents")
+    donor_name: Optional[str] = Field(default=None, max_length=255, description="Donor's name")
+
+
+class DonationCreate(DonationBase):
+    """Schema for creating a new donation."""
+    user_id: Optional[UUID] = Field(default=None, description="Optional authenticated user ID")
+
+
+class DonationUpdate(BaseModel):
+    """Schema for updating an existing donation."""
+    
+    status: Optional[str] = Field(default=None, description="Donation status")
+
+
+class DonationRead(DonationBase):
+    """Schema for reading donation data."""
+    
+    id: UUID
+    user_id: Optional[UUID] = None
+    status: str
+    stripe_session_id: Optional[str]
+    checkout_url: Optional[str] = None
+    created_at: datetime
+    updated_at: datetime
+
+    class Config:
+        from_attributes = True
+
+
+# ========== Chat Conversation Schemas ==========
+
+class ChatConversationBase(BaseModel):
+    """Base chat conversation schema with common fields."""
+    
+    message: str = Field(..., min_length=1, max_length=5000, description="User's message")
+    response: Optional[str] = Field(default=None, min_length=1, max_length=5000, description="AI assistant's response")
+    metadata: Optional[Dict[str, Any]] = Field(default={}, description="Additional metadata")
+
+
+class ChatConversationCreate(ChatConversationBase):
+    """Schema for creating a new chat conversation."""
+    
+    profile_id: UUID = Field(..., description="Profile ID")
+
+
+class ChatConversationRead(ChatConversationBase):
+    """Schema for reading chat conversation data."""
+    
+    id: int
+    profile_id: UUID
+    created_at: datetime
+
+    class Config:
+        from_attributes = True
+
+
+# ========== API Response Schemas ==========
+
+class APIResponse(BaseModel):
+    """Generic API response schema."""
+    
+    success: bool = Field(..., description="Whether the operation was successful")
+    message: str = Field(..., description="Response message")
+    data: Optional[Any] = Field(default=None, description="Response data")
+
+
+class PaginatedResponse(BaseModel):
+    """Generic paginated response schema."""
+    
+    items: List[Any] = Field(..., description="List of items")
+    total: int = Field(..., description="Total number of items")
+    page: int = Field(..., description="Current page number")
+    per_page: int = Field(..., description="Items per page")
+    pages: int = Field(..., description="Total number of pages")
+
+
+# ========== Health Check Schema ==========
+
+class HealthCheck(BaseModel):
+    """Schema for health check endpoint."""
+    
+    status: str = Field(..., description="Service status")
+    timestamp: datetime = Field(..., description="Check timestamp")
+    version: str = Field(..., description="API version")
+    database: str = Field(..., description="Database connection status")
+
+
+# ========== Stripe Payment Schemas ==========
+
+class PaymentIntentCreate(BaseModel):
+    """Schema for creating Stripe payment intent."""
+    
+    amount: int = Field(..., gt=0, description="Payment amount in cents")
+    currency: str = Field(default="usd", description="Currency code")
+    metadata: Optional[Dict[str, str]] = Field(default=None, description="Payment metadata")
+
+
+class PaymentIntentResponse(BaseModel):
+    """Schema for Stripe payment intent response."""
+    
+    client_secret: str = Field(..., description="Stripe client secret")
+    payment_intent_id: str = Field(..., description="Stripe payment intent ID")

setup_rag_db.py

@@ -0,0 +1,81 @@
+import asyncio
+import os
+from dotenv import load_dotenv
+from sqlalchemy.ext.asyncio import create_async_engine
+from sqlalchemy import text
+
+load_dotenv()
+
+async def setup_rag_db():
+    database_url = os.getenv("DATABASE_URL")
+    if not database_url:
+        print("DATABASE_URL not found")
+        return
+
+    # Ensure python uses asyncpg
+    if "postgresql://" in database_url and "asyncpg" not in database_url:
+        database_url = database_url.replace("postgresql://", "postgresql+asyncpg://")
+
+    engine = create_async_engine(
+        database_url, 
+        echo=True,
+        connect_args={
+            "statement_cache_size": 0,
+            "server_settings": {
+                "jit": "off",
+            }
+        }
+    )
+
+    async with engine.begin() as conn:
+        print("Enabling pgvector extension...")
+        await conn.execute(text("CREATE EXTENSION IF NOT EXISTS vector"))
+        await conn.execute(text("CREATE EXTENSION IF NOT EXISTS \"uuid-ossp\""))
+
+        print("Checking/Creating documents table...")
+        # Drop table if exists to ensure correct schema (UUID vs BigInt conflict)
+        await conn.execute(text("DROP TABLE IF EXISTS documents CASCADE"))
+        
+        await conn.execute(text("""
+            CREATE TABLE IF NOT EXISTS documents (
+                id uuid PRIMARY KEY DEFAULT uuid_generate_v4(),
+                content text,
+                metadata jsonb,
+                embedding vector(3072) -- Ensure 3072 dimensions
+            )
+        """))
+        
+        print("Creating match_documents function...")
+        await conn.execute(text("""
+            CREATE OR REPLACE FUNCTION match_documents (
+                query_embedding vector(3072),
+                match_threshold float,
+                match_count int
+            )
+            RETURNS TABLE (
+                id uuid,
+                content text,
+                metadata jsonb,
+                similarity float
+            )
+            LANGUAGE plpgsql
+            AS $$
+            BEGIN
+                RETURN QUERY
+                SELECT
+                    documents.id,
+                    documents.content,
+                    documents.metadata,
+                    1 - (documents.embedding <=> query_embedding) AS similarity
+                FROM documents
+                WHERE 1 - (documents.embedding <=> query_embedding) > match_threshold
+                ORDER BY similarity DESC
+                LIMIT match_count;
+            END;
+            $$;
+        """))
+        
+        print("Done setup.")
+
+if __name__ == "__main__":
+    asyncio.run(setup_rag_db())

stripe_service.py

@@ -0,0 +1,493 @@
+"""
+Stripe payment service for Silver Table Assistant.
+Handles payment processing, checkout sessions, and webhooks.
+"""
+
+import os
+import stripe
+from typing import Optional, Dict, Any
+from uuid import UUID
+
+from config import settings
+from exceptions import PaymentException, handle_payment_error
+
+# Initialize Stripe API key
+stripe.api_key = settings.stripe_secret_key
+
+
+def create_checkout_session_for_order(order) -> str:
+    """
+    Create a Stripe checkout session for an order.
+    
+    Args:
+        order: Order object with items and total_amount
+        
+    Returns:
+        Stripe checkout session URL
+    """
+    import logging
+    logger = logging.getLogger(__name__)
+    
+    try:
+        # Debug: Log order structure
+        logger.info(f"[DEBUG] Order ID: {getattr(order, 'id', 'unknown')}")
+        logger.info(f"[DEBUG] Order items type: {type(order.items)}")
+        logger.info(f"[DEBUG] Order items: {order.items}")
+        logger.info(f"[DEBUG] Order total_amount: {order.total_amount}")
+        
+        # Extract order items for Stripe line items
+        line_items = []
+        
+        # Assuming order.items contains a list of menu items with details
+        # This would need to be parsed based on your order structure
+        if isinstance(order.items, list):
+            for item in order.items:
+                logger.info(f"[DEBUG] Processing item: {item}")
+                # Check if item has menu_item_id (frontend format)
+                if 'menu_item_id' in item:
+                    # Need to fetch menu item details from menu_data
+                    try:
+                        from menu_data import get_menu_item_by_id
+                        menu_item = get_menu_item_by_id(item['menu_item_id'])
+                        menu_item_name = menu_item.get('name', 'Menu Item')
+                        # Price in menu_data is already in cents
+                        menu_item_price = menu_item.get('price', order.total_amount)
+                        logger.info(f"[DEBUG] Fetched menu item: {menu_item_name}, price (cents): {menu_item_price}")
+                    except (ValueError, ImportError) as e:
+                        logger.error(f"[DEBUG] Failed to fetch menu item {item.get('menu_item_id')}: {e}")
+                        menu_item_name = f"Menu Item {item.get('menu_item_id', 'Unknown')}"
+                        menu_item_price = order.total_amount
+                else:
+                    # Assuming item has menu_item_id, name, price, and quantity (expected format)
+                    menu_item_name = item.get('name', 'Menu Item')
+                    menu_item_price = item.get('price', order.total_amount)
+                    
+                quantity = item.get('quantity', 1)
+                
+                line_items.append({
+                    'price_data': {
+                        'currency': settings.stripe_default_currency,  # Taiwan Dollar
+                        'product_data': {
+                            'name': menu_item_name,
+                        },
+                        'unit_amount': int(menu_item_price),  # Amount in cents
+                    },
+                    'quantity': quantity,
+                })
+        else:
+            # Single item order - fallback
+            line_items.append({
+                'price_data': {
+                    'currency': settings.stripe_default_currency,
+                    'product_data': {
+                        'name': 'Silver Table Order',
+                    },
+                    'unit_amount': int(order.total_amount),
+                },
+                'quantity': 1,
+            })
+        
+        # Create Stripe checkout session
+        session = stripe.checkout.Session.create(
+            payment_method_types=['card'],
+            line_items=line_items,
+            mode='payment',
+            success_url=f"{settings.frontend_url}/order/success?session_id={{CHECKOUT_SESSION_ID}}",
+            cancel_url=f"{settings.frontend_url}/order/cancel",
+            metadata={
+                'order_id': str(order.id),
+                'profile_id': str(order.profile_id),
+                'order_type': 'food_order'
+            },
+            shipping_address_collection={
+                'allowed_countries': ['TW'],  # Taiwan
+            },
+            phone_number_collection={
+                'enabled': True,
+            }
+        )
+        
+        return session.url
+        
+    except Exception as e:
+        raise Exception(f"Failed to create checkout session: {str(e)}")
+
+
+def create_checkout_session_for_donation(donation) -> str:
+    """
+    Create a Stripe checkout session for a donation.
+    
+    Args:
+        donation: Donation object with amount and donor_name
+        
+    Returns:
+        Stripe checkout session URL
+    """
+    try:
+        # Validate minimum donation amount for Stripe (donation.amount is in cents)
+        min_amount_cents = int(settings.MIN_DONATION_AMOUNT * 100)
+        if donation.amount < min_amount_cents:
+            raise PaymentException(f"捐款金額必須至少為 NT${settings.MIN_DONATION_AMOUNT} 元")
+        
+        # Create Stripe checkout session for donation
+        session = stripe.checkout.Session.create(
+            payment_method_types=['card'],
+            line_items=[
+                {
+                    'price_data': {
+                        'currency': settings.stripe_default_currency,  # Taiwan Dollar
+                        'product_data': {
+                            'name': '銀桌助手捐款',
+                            'description': f'捐款人: {donation.donor_name or "匿名"}' if donation.donor_name else '匿名捐款',
+                        },
+                        'unit_amount': int(donation.amount),  # Amount in cents
+                    },
+                    'quantity': 1,
+                }
+            ],
+            mode='payment',
+            success_url=f"{settings.frontend_url}/donation/success?session_id={{CHECKOUT_SESSION_ID}}",
+            cancel_url=f"{settings.frontend_url}/donation/cancel",
+            metadata={
+                'donation_id': str(donation.id),
+                'donor_name': donation.donor_name or 'anonymous',
+                'order_type': 'donation'
+            },
+            phone_number_collection={
+                'enabled': True,
+            }
+        )
+        
+        return session.url
+        
+    except stripe.error.InvalidRequestError as e:
+        # Stripe can return an amount_too_small error code
+        code = getattr(e, 'code', None)
+        if code == 'amount_too_small' or 'amount_too_small' in str(e):
+            raise PaymentException(f"金額太低，最低需 NT${settings.MIN_DONATION_AMOUNT}")
+        raise handle_payment_error(e, 'create_checkout_session_for_donation')
+    except Exception as e:
+        raise handle_payment_error(e, 'create_checkout_session_for_donation')
+
+
+def handle_webhook(payload: bytes, sig_header: str) -> Dict[str, Any]:
+    """
+    Handle Stripe webhook events.
+    
+    Args:
+        payload: Raw webhook payload
+        sig_header: Stripe signature header
+        
+    Returns:
+        Dictionary with event details and status
+    """
+    try:
+        # Verify webhook signature
+        event = stripe.Webhook.construct_event(
+            payload, sig_header, settings.stripe_webhook_secret
+        )
+        
+        # Handle the event
+        if event['type'] == 'checkout.session.completed':
+            session = event['data']['object']
+            return handle_checkout_session_completed(session)
+        elif event['type'] == 'payment_intent.succeeded':
+            payment_intent = event['data']['object']
+            return handle_payment_intent_succeeded(payment_intent)
+        elif event['type'] == 'payment_intent.payment_failed':
+            payment_intent = event['data']['object']
+            return handle_payment_intent_failed(payment_intent)
+        else:
+            return {
+                'status': 'ignored',
+                'message': f'Event type {event["type"]} not handled',
+                'event_id': event['id']
+            }
+            
+    except stripe.error.SignatureVerificationError as e:
+        # Invalid signature - treat as payment related/security error
+        raise PaymentException(f"Invalid webhook signature: {str(e)}")
+    except Exception as e:
+        raise Exception(f"Webhook handling failed: {str(e)}")
+
+
+def handle_checkout_session_completed(session: Dict[str, Any]) -> Dict[str, Any]:
+    """
+    Handle successful checkout session completion.
+    
+    Args:
+        session: Stripe checkout session object
+        
+    Returns:
+        Dictionary with processing result
+    """
+    metadata = session.get('metadata', {})
+    order_type = metadata.get('order_type')
+    session_id = session['id']
+    
+    if order_type == 'food_order':
+        order_id = metadata.get('order_id')
+        if order_id:
+            # Update order status to confirmed
+            return update_order_payment_status(UUID(order_id), 'confirmed', session_id)
+        else:
+            return {
+                'status': 'error',
+                'message': 'Missing order_id in metadata',
+                'session_id': session_id
+            }
+    
+    elif order_type == 'donation':
+        donation_id = metadata.get('donation_id')
+        if donation_id:
+            # Update donation status to completed
+            return update_donation_payment_status(UUID(donation_id), 'completed', session_id)
+        else:
+            return {
+                'status': 'error',
+                'message': 'Missing donation_id in metadata',
+                'session_id': session_id
+            }
+    
+    else:
+        return {
+            'status': 'error',
+            'message': f'Unknown order_type: {order_type}',
+            'session_id': session_id
+        }
+
+
+def handle_payment_intent_succeeded(payment_intent: Dict[str, Any]) -> Dict[str, Any]:
+    """
+    Handle successful payment intent.
+    
+    Args:
+        payment_intent: Stripe payment intent object
+        
+    Returns:
+        Dictionary with processing result
+    """
+    # This is a backup handler for payment_intent.succeeded events
+    # The main handling should be done in checkout.session.completed
+    
+    return {
+        'status': 'processed',
+        'message': 'Payment intent succeeded - handled via checkout session',
+        'payment_intent_id': payment_intent['id']
+    }
+
+
+def handle_payment_intent_failed(payment_intent: Dict[str, Any]) -> Dict[str, Any]:
+    """
+    Handle failed payment intent.
+    
+    Args:
+        payment_intent: Stripe payment intent object
+        
+    Returns:
+        Dictionary with processing result
+    """
+    # Handle failed payments - you might want to update order/donation status
+    return {
+        'status': 'failed',
+        'message': 'Payment failed',
+        'payment_intent_id': payment_intent['id'],
+        'last_payment_error': payment_intent.get('last_payment_error', {})
+    }
+
+
+def update_order_payment_status(order_id: UUID, status: str, stripe_session_id: str) -> Dict[str, Any]:
+    """
+    Update order payment status in database.
+    
+    Args:
+        order_id: Order ID
+        status: New status
+        stripe_session_id: Stripe session ID
+        
+    Returns:
+        Dictionary with update result
+    """
+    # This function would be called from the webhook handler
+    # You would need to inject the database session here
+    # For now, we'll just return the intended update data
+    
+    return {
+        'status': 'success',
+        'message': f'Order {order_id} status updated to {status}',
+        'order_id': str(order_id),
+        'stripe_session_id': stripe_session_id,
+        'new_status': status
+    }
+
+
+def update_donation_payment_status(donation_id: UUID, status: str, stripe_session_id: str) -> Dict[str, Any]:
+    """
+    Update donation payment status in database.
+    
+    Args:
+        donation_id: Donation ID
+        status: New status
+        stripe_session_id: Stripe session ID
+        
+    Returns:
+        Dictionary with update result
+    """
+    # This function would be called from the webhook handler
+    # You would need to inject the database session here
+    # For now, we'll just return the intended update data
+    
+    return {
+        'status': 'success',
+        'message': f'Donation {donation_id} status updated to {status}',
+        'donation_id': str(donation_id),
+        'stripe_session_id': stripe_session_id,
+        'new_status': status
+    }
+
+
+def retrieve_payment_intent(payment_intent_id: str) -> Optional[Dict[str, Any]]:
+    """
+    Retrieve payment intent details from Stripe.
+    
+    Args:
+        payment_intent_id: Stripe payment intent ID
+        
+    Returns:
+        Payment intent object or None if not found
+    """
+    try:
+        return stripe.PaymentIntent.retrieve(payment_intent_id)
+    except stripe.error.InvalidRequestError:
+        return None
+
+
+def create_refund(payment_intent_id: str, amount: Optional[int] = None) -> Dict[str, Any]:
+    """
+    Create a refund for a payment.
+    
+    Args:
+        payment_intent_id: Payment intent ID to refund
+        amount: Refund amount in cents (optional, defaults to full amount)
+        
+    Returns:
+        Refund object
+    """
+    try:
+        refund_data = {
+            'payment_intent': payment_intent_id
+        }
+        
+        if amount:
+            refund_data['amount'] = amount
+            
+        refund = stripe.Refund.create(**refund_data)
+        
+        return {
+            'status': 'success',
+            'refund_id': refund['id'],
+            'amount': refund['amount'],
+            'status': refund['status']
+        }
+        
+    except Exception as e:
+        return {
+            'status': 'error',
+            'message': f'Failed to create refund: {str(e)}'
+        }
+
+
+def get_payment_methods(customer_id: str) -> Dict[str, Any]:
+    """
+    Get saved payment methods for a customer.
+    
+    Args:
+        customer_id: Stripe customer ID
+        
+    Returns:
+        Dictionary with payment methods
+    """
+    try:
+        payment_methods = stripe.PaymentMethod.list(
+            customer=customer_id,
+            type='card'
+        )
+        
+        return {
+            'status': 'success',
+            'payment_methods': payment_methods['data']
+        }
+        
+    except Exception as e:
+        return {
+            'status': 'error',
+            'message': f'Failed to retrieve payment methods: {str(e)}'
+        }
+
+
+def construct_webhook_event(payload: bytes, sig_header: str, secret: str) -> Dict[str, Any]:
+    """
+    Construct webhook event from payload and signature.
+    
+    Args:
+        payload: Raw payload bytes
+        sig_header: Stripe signature header
+        secret: Webhook secret
+        
+    Returns:
+        Constructed event object
+    """
+    return stripe.Webhook.construct_event(payload, sig_header, secret)
+
+
+# Utility functions for webhook handling
+
+def parse_metadata(metadata: Dict[str, str]) -> Dict[str, Any]:
+    """
+    Parse Stripe metadata and extract useful information.
+    
+    Args:
+        metadata: Stripe metadata dictionary
+        
+    Returns:
+        Parsed metadata with type conversion
+    """
+    parsed = {}
+    
+    for key, value in metadata.items():
+        if key.endswith('_id') and value:
+            try:
+                # Convert UUID strings back to UUID objects
+                parsed[key] = UUID(value)
+            except ValueError:
+                parsed[key] = value
+        else:
+            parsed[key] = value
+    
+    return parsed
+
+
+def format_twd_amount(cents: int) -> str:
+    """
+    Format amount in cents to Taiwan Dollar string.
+    
+    Args:
+        cents: Amount in cents
+        
+    Returns:
+        Formatted amount string
+    """
+    return settings.format_currency(cents)
+
+
+def validate_twd_currency(amount: int) -> bool:
+    """
+    Validate if amount is appropriate for Taiwan Dollar.
+    
+    Args:
+        amount: Amount in cents
+        
+    Returns:
+        True if amount is valid
+    """
+    return settings.min_order_amount <= amount <= settings.max_order_amount