feat: implement WeChat cross-batch refund reconciliation and fix misc issues

WeChat cross-batch refund reconciliation:
- Add OriginalAmount field to CleanedBill for accurate cumulative refund math
- DeduplicateRawFile detects WeChat status-update rows (已退款/已全额退款) and
  emits WechatRefundUpdates for Go-side reconciliation (Scenario 1)
- WechatPy cleaner surfaces -退款 income rows with no same-batch expense match
  as unresolved_refunds for Go ReconcileRefund (Scenario 2)
- Add ReconcileWechatRefund to repository interface and MongoDB implementation
- upload.go step 15 iterates WechatRefundUpdates and reconciles against bills_cleaned

Bug fixes:
- ReviewStats: add nil repo check to prevent panic when DB is not connected
- JWT: remove hardcoded fallback secret; return 500/401 if JWTSecret not configured
- Remove unused parsePageParam dead code and its strconv import
- BillDetailDrawer: show 不计收支 amount in muted gray instead of red
- test_jd_cleaner.py: replace hardcoded D:\Projects\BillAI path with dynamic __file__ resolution

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

.gitignore

@@ -8,6 +8,7 @@ analyzer/venv/
 
 # Go
 server/billai-server
+server/server
 .exe
 
 # IDE

AGENTS.md

@@ -2,209 +2,153 @@
 
 Guidelines for AI coding agents working on BillAI - a microservices bill analysis system.
 
-## Architecture
-- `web/` - SvelteKit 5 + TailwindCSS 4 + TypeScript (Frontend Proxy & UI, port 3000)
-- `server/` - Go 1.21 + Gin + MongoDB (Main API & Data Storage, port 8080)
-- `analyzer/` - Python 3.12 + FastAPI (Data Cleaning & Analysis Service, port 8001)
+**Version:** See `CHANGELOG.md` for current version. Latest tag usually matches.
 
-The SvelteKit frontend acts as a **proxy**: all `/api/*` browser requests are forwarded by
-`web/src/routes/api/[...path]/+server.ts` to the Go backend. The browser never contacts Go
-directly. `API_URL` env var controls the target (`http://server:8080` in Docker,
-`http://localhost:8080` in local dev).
+## Architecture
+
+- `web/` - SvelteKit 5 + TailwindCSS 4 + TypeScript (Frontend, port 3000)
+- `server/` - Go 1.24 + Gin + MongoDB (API, port 8080)
+- `analyzer/` - Python 3.12 + FastAPI (Data cleaning, port 8001)
+
+**Proxy Caveat:** SvelteKit proxies `/api/*` to Go via `web/src/routes/api/[...path]/+server.ts`, but **only GET and POST are forwarded**. The Go backend intentionally uses `POST` for mutations (update, delete, manual create) to work around this. If you add PUT/PATCH/DELETE endpoints, you must also add them to the proxy.
 
 ## Build/Lint/Test Commands
 
-### Frontend (web/)
-**Working Directory:** `/Users/clz/Projects/BillAI/web`
-
+### Frontend (`web/`)
 ```bash
-npm run dev                              # Start Vite dev server
-npm run build                            # Production build (adapter-node)
-npm run preview                          # Preview production build
-npm run check                            # TypeScript check (svelte-check)
+npm run dev                  # Start dev server
+npm run build                # Production build
+npm run check                # TypeScript + Svelte check
 npm run lint                 # Prettier --check + ESLint
-npm run format                           # Format with Prettier
-npm run test                             # Run all unit tests once (CI mode)
-npm run test:unit                        # Run unit tests in watch mode
-npx vitest run src/routes/+page.spec.ts  # Run single test file
-npx vitest run -t "test name pattern"    # Run tests by name pattern
+npm run format               # Prettier --write
+npm run test                 # vitest --run (CI mode)
+npx vitest run src/xxx.spec.ts    # Run single test file
 ```
 
-### Backend (server/)
-**Working Directory:** `/Users/clz/Projects/BillAI/server`
+**Note:** `web/` has a `yarn.lock` but scripts in `package.json` use `npm run`.
 
+### Backend (`server/`)
 ```bash
-go run .                              # Start server
-go build -o server .                  # Build binary
-go mod tidy                           # Clean dependencies
+go run .                     # Start server (reads server/config.yaml)
+go build -o server .
 go test ./...                # Run all tests
-go test ./handler/...                 # Run handler package tests
-go test -run TestName ./...           # Run single test function
-go test -v ./handler/...              # Verbose test output
+go test -run TestName ./...  # Run single test
+go test -v ./handler/...     # Verbose output
 ```
 
-### Analyzer (analyzer/)
-**Working Directory:** `/Users/clz/Projects/BillAI/analyzer`
-
+### Analyzer (`analyzer/`)
 ```bash
-python server.py                      # Start FastAPI server directly
-uvicorn server:app --reload           # Start with hot reload
+python server.py             # Start FastAPI (has `if __name__ == "__main__"`)
+uvicorn server:app --reload  # Requires cwd == analyzer/
 pytest                       # Run all tests
-pytest test_jd_cleaner.py            # Run single test file
-pytest -k "test_name"                # Run test by name pattern
-pip install -r requirements.txt      # Install dependencies
+pytest test_jd_cleaner.py    # Single test file
 ```
 
 ### Docker
-**Working Directory:** `/Users/clz/Projects/BillAI`
-
 ```bash
-docker-compose up -d --build          # Start/rebuild all services
-docker-compose logs -f server         # Follow service logs
-docker-compose down                   # Stop all services
+docker compose up -d --build --remove-orphans   # Start/rebuild all
+docker compose logs -f server                   # Follow logs
+docker compose down                             # Stop services
 ```
 
-## Code Style
+## Code Style & Conventions
 
-### General
-- **Comments:** Existing comments often use Chinese for business logic explanations. Maintain this
-  style where appropriate; English is also acceptable for technical explanations.
-- **Conventions:** Follow existing patterns strictly. Do not introduce new frameworks or libraries
-  without checking `package.json` / `go.mod` / `requirements.txt`.
+### TypeScript/Svelte (`web/`)
+- **Formatting:** Prettier (tabs, single quotes, `trailingComma: none`, printWidth 100)
+- **Imports:** Use `$lib` alias. No relative imports for lib modules.
+- **Svelte 5:** Runes (`$state`, `$derived`, `$effect`, `$props`). Events: `onclick={fn}`.
+- **Types:** `export interface` for models. Frontend uses `camelCase`, API uses `snake_case`. Converters live in `$lib/models/bill.ts`.
+- **Auth:** Token stored in `localStorage` key `auth`. Always use `apiFetch()` from `$lib/api.ts` for authenticated requests.
 
-### TypeScript/Svelte (web/)
-- **Formatting:** Prettier — tabs, single quotes, no trailing commas, printWidth 100,
-  `prettier-plugin-svelte`.
-- **Naming:** `PascalCase` for types/interfaces/components, `camelCase` for variables/functions.
-- **Imports:** Use `$lib` alias for internal imports and `$app/*` for SvelteKit builtins. Never
-  use relative paths for lib-level modules.
-  ```typescript
-  import { browser } from '$app/environment'
-  import { goto } from '$app/navigation'
-  import { auth } from '$lib/stores/auth'
-  import type { UIBill } from '$lib/models/bill'
-  import Upload from '@lucide/svelte/icons/upload'
-  ```
-- **Svelte 5 runes:** Use the new runes API — `$state`, `$derived`, `$effect`, `$props`. Event
-  handlers use `onclick={fn}` syntax (not legacy `on:click`).
-- **Types:** Define `export interface` for all data models. Frontend models use `camelCase` fields
-  (`UIBill`); API responses use `snake_case` (`CleanedBill`). Provide explicit converter functions
-  (e.g., `cleanedBillToUIBill`, `uiBillToUpdateBillRequest`) in `web/src/lib/models/bill.ts`.
-- **Error Handling:** Check `response.ok`; throw `new Error(\`HTTP ${response.status}\`)` for the
-  UI to catch. On 401, call `auth.logout()` and redirect to `/login`.
-- **Auth pattern:** `createAuthStore()` factory in `$lib/stores/auth.ts`. Token stored in
-  `localStorage` under key `auth`. All API calls go through `apiFetch()` in `$lib/api.ts`, which
-  injects `Authorization: Bearer <token>` and handles 401 centrally.
-- **Testing:** Vitest + `vitest-browser-svelte` + Playwright. Test files co-located with routes
-  as `*.spec.ts`. Use `describe` / `it` / `expect` from vitest, `render` from
-  `vitest-browser-svelte`.
+### Go (`server/`)
+- **Module:** `billai-server` (import path). Use this in `go test` / `go build` when outside the directory.
+- **Layer:** `handler` → `service` → `adapter`/`repository` → `model`. No business logic in handlers.
+- **Struct tags:** JSON `snake_case`, `omitempty` for optional. Pointer types for optional patch fields. Sensitive fields: `json:"-"`.
+- **Response shapes:**
+  - Business APIs: `result bool`, `message string`, `data *T`
+  - Auth APIs: `success bool`, `error string`, `data *T` (and `code` for error types)
+- **Time:** Custom `LocalTime` type serializes as `"2006-01-02 15:04:05"`.
+- **Soft delete:** Never hard-delete. All queries filter `is_deleted: false`.
 
-### Go Backend (server/)
-- **Layer structure:** `handler` (HTTP) → `service` (logic) → `adapter` (external Python service)
-  and `repository` (DB) → `model` (structs). Handlers must not contain business logic.
-- **Struct tags:** JSON uses `snake_case`. `omitempty` on optional response fields. Use `form` tags
-  for query/form binding. Use pointer fields (`*string`) for optional patch request fields. Sensitive
-  fields get `json:"-"`.
-  ```go
-  type CleanedBill struct {
-      ID            primitive.ObjectID `bson:"_id,omitempty" json:"id,omitempty"`
-      BillType      string             `bson:"bill_type" json:"bill_type"`
-  }
-  type UpdateBillRequest struct {
-      Category *string `json:"category,omitempty"`
-  }
-  ```
-- **Error Handling:** Return `500` for DB/internal errors, `400` for bad requests, `404` for not
-  found. Wrap errors with context using `fmt.Errorf("context: %w", err)`. Check
-  `err == repository.ErrNotFound` for 404 disambiguation. Use `Result bool` (not `Success`) in
-  response envelopes.
-  ```go
-  if err != nil {
-      c.JSON(http.StatusInternalServerError, Response{Result: false, Message: err.Error()})
-      return
-  }
-  ```
-- **Response envelope:** Most endpoints: `Result bool`, `Message string`, `Data *T`. Auth endpoints
-  use `success bool`, `error string`, `data interface{}`.
-- **Interfaces:** Use `adapter.Cleaner` and `repository.BillRepository` interfaces. Access global
-  singletons via `adapter.GetCleaner()` and `repository.GetRepository()`.
-- **Time:** Use the custom `LocalTime` type (wraps `time.Time`) for all timestamp fields. It
-  serializes as `"2006-01-02 15:04:05"` in both JSON and BSON, preserving local time.
-- **Soft delete:** Bills are never hard-deleted. All queries must filter `is_deleted: false`.
+### Python (`analyzer/`)
+- **Style:** PEP 8. `snake_case` vars, `UPPER_CASE` constants. Prefix private globals with `_`.
+- **Type hints:** Mandatory. Prefer `str | None` or `Optional[str]`.
+- **Models:** `pydantic.BaseModel` for API schemas.
+- **Cleaners:** Extend `BaseCleaner(ABC)` from `cleaners/base.py`. Category rules in `config/category.yaml`.
 
-### Python Analyzer (analyzer/)
-- **Style:** PEP 8. `snake_case` for variables, functions, and filenames. `UPPER_CASE` for
-  module-level constants. Prefix private module globals with `_`.
-- **Type Hints:** Mandatory for all function arguments and return types. Use `Optional[str]` from
-  `typing` or `str | None` (Python 3.10+ union syntax).
-- **Models:** Use `pydantic.BaseModel` for all API request/response schemas.
-  ```python
-  class CleanRequest(BaseModel):
-      input_path: str
-      output_path: str
-      year: Optional[str] = None
-      bill_type: Optional[str] = "auto"
-  ```
-- **FastAPI patterns:** Use `HTTPException(status_code=400, detail=message)` for user errors.
-  Manage temporary files with `tempfile.NamedTemporaryFile` + `os.unlink` in `finally` blocks.
-- **Cleaner classes:** Extend `BaseCleaner(ABC)` from `cleaners/base.py`. Implement `clean()` and
-  optionally `reclassify()`. Category inference reads rules from `config/category.yaml` via
-  `yaml.safe_load`.
-- **Docstrings:** Triple-quoted. Chinese descriptions are common for API endpoint docs.
-
-## Key Patterns
+## Key Patterns & Quirks
 
 ### API Flow
 ```
-Browser → SvelteKit proxy (/api/[...path]/+server.ts)
-        → Go server (Gin, AuthRequired middleware)
-          → handler → service → adapter.GetCleaner() → HTTP POST to Python FastAPI
-                              → repository.GetRepository() → MongoDB
+Browser → SvelteKit proxy → Go (Gin) → handler → service → adapter → Python FastAPI
+                                            └→ repository → MongoDB
 ```
 
 ### Authentication
-- JWT (HS256). Token in `localStorage` under key `auth`.
-- Header: `Authorization: Bearer <token>`.
-- `middleware.AuthRequired()` wraps all `/api/*` routes except `/api/auth/*`.
-- Passwords in `config.yaml` support plaintext or SHA-256 hashed values.
-- 401 anywhere → `auth.logout()` + redirect to `/login`.
+- JWT (HS256). Header: `Authorization: Bearer <token>`.
+- `middleware.AuthRequired()` guards authed routes. Public routes: `/api/auth/*`, `/api/changelog`, `/health`.
+- Frontend `apiFetch()` intercepts 401 → `auth.logout()` + redirect `/login`.
 
-### File Processing
-Upload flow: Upload (ZIP/XLSX) → Extract → Convert to UTF-8 CSV (Python `/convert`) →
-Auto-detect bill type → Deduplicate against DB → Clean/normalize (Python `/clean/upload`) →
-Save raw + cleaned bills to MongoDB.
+### File Processing Pipeline
+Upload: ZIP/XLSX → Extract → Convert UTF-8 CSV → Detect bill type (alipay/wechat/jd) → Deduplicate against MongoDB → Clean via Python → Save cleaned data.
 
-Deduplication: raw bills check `transaction_id`; cleaned bills check
-`transaction_id + merchant_order_no`. JD bills trigger soft-deletion of overlapping records in
-other sources to prevent double-counting.
+### Cross-Batch Refund Reconciliation
+When the original purchase and its refund are in different upload batches, within-batch logic can't match them. Two reconciliation paths handle this:
+
+**Alipay** (`handler/upload.go` step 14): After cleaning, `cleaner.unresolved_refunds` (refund rows that found no matching expense in the same file) is returned by FastAPI and iterated in Go. `ReconcileRefund()` looks up the original expense by `transaction_id` or `merchant_order_no` and either soft-deletes (full refund) or deducts `amount` (partial). Alipay refund rows have their own distinct `transaction_id` (suffixed `_<refund_id>`), so they pass raw dedup and are naturally idempotent on re-upload.
+
+**WeChat** (`handler/upload.go` step 15): WeChat re-exports the *same row* (same `transaction_id`) with an updated `当前状态` field (`已全额退款` or `已退款(¥X)`). `DeduplicateRawFile` detects these duplicate rows, extracts the refund info into `DeduplicateResult.WechatRefundUpdates`, and `ReconcileWechatRefund()` applies the update. WeChat's `¥X` is the **cumulative** total refunded, so `CleanedBill.original_amount` (set at first save) is used to compute `remaining = original_amount - X`.
 
 ### Adapter (Go ↔ Python)
-`adapter.Cleaner` interface has two implementations: HTTP-based (`adapter/http`, default) and
-subprocess-based (`adapter/python`, legacy). Controlled by `ANALYZER_MODE` env var.
+`adapter.Cleaner` interface. Two modes:
+- `http` (default): calls FastAPI at `ANALYZER_URL`
+- `subprocess`: spawns `python analyzer/clean_bill.py`
+
+Set via `ANALYZER_MODE` env var or `server/config.yaml` `analyzer.mode`.
+
+### Config Precedence
+Go backend reads `server/config.yaml`, but Docker compose sets env vars (`ANALYZER_URL`, `MONGO_URI`, `JWT_SECRET`, etc.) that override it.
+
+### SvelteKit Config Notes
+- `svelte.config.js` uses `adapter-node` for Docker SSR.
+- `csrf.trustedOrigins: ['*']` disables CSRF checks.
+- `onwarn` ignores all `a11y_*` warnings (chart components).
+
+### Deployment
+- Gitea Actions self-hosted runner (`.gitea/workflows/deploy.yaml`), not GitHub.
+- `deploy.sh` is the manual deployment script (same logic as CI).
+
+### Test Coverage
+Sparse. Existing tests:
+- `web/src/demo.spec.ts` / `page.svelte.spec.ts`
+- `server/service/changelog_test.go`
+- `analyzer/test_jd_cleaner.py`
 
 ## Important Files
+
 | File | Role |
 |---|---|
-| `web/src/lib/api.ts` | Central API client; `apiFetch()` injects auth and handles 401 |
-| `web/src/lib/stores/auth.ts` | Auth state; JWT in localStorage; login/logout/validate |
-| `web/src/lib/models/bill.ts` | `UIBill` model + converters to/from API `CleanedBill` shape |
-| `web/src/routes/api/[...path]/+server.ts` | SvelteKit proxy to Go backend |
-| `server/main.go` | Entry point; wires config, adapters, repository, router |
-| `server/config/config.go` | YAML + env config; priority: defaults → config.yaml → env vars |
-| `server/router/router.go` | All route definitions and middleware assignment |
-| `server/middleware/auth.go` | JWT validation + user context injection |
-| `server/handler/upload.go` | Full upload pipeline (extract → convert → clean → store) |
-| `server/handler/bills.go` | List/filter bills with pagination and monthly stats |
-| `server/model/bill.go` | `RawBill`, `CleanedBill`, `MonthlyStat`; custom `LocalTime` type |
-| `server/adapter/adapter.go` | `Cleaner` interface definition |
-| `server/repository/repository.go` | `BillRepository` interface (14 persistence methods) |
-| `server/repository/mongo/repository.go` | MongoDB implementation with aggregation pipelines |
-| `analyzer/server.py` | FastAPI entry point; `/health`, `/clean`, `/convert`, `/detect` routes |
-| `analyzer/cleaners/base.py` | `BaseCleaner` ABC; shared filtering and output logic |
-| `analyzer/cleaners/alipay.py` | Alipay-specific normalization |
-| `analyzer/cleaners/wechat.py` | WeChat-specific normalization |
-| `analyzer/cleaners/jd.py` | JD (京东) normalization and 3-level review scoring |
-| `analyzer/category.py` | `infer_category()` using YAML keyword rules |
-| `analyzer/converter.py` | xlsx→csv (openpyxl), GBK→UTF-8 re-encoding, type detection |
-| `server/config.yaml` | Server port, MongoDB URI, JWT settings, user list |
-| `docker-compose.yaml` | 5 services: web, server, analyzer, mongodb, mongo-express |
+| `web/src/lib/api.ts` | Central API client, auth injection, all API functions |
+| `web/src/lib/stores/auth.ts` | Auth state, JWT handling, localStorage key `auth` |
+| `web/src/lib/models/bill.ts` | UIBill model + snake_case ↔ camelCase converters |
+| `web/src/routes/api/[...path]/+server.ts` | SvelteKit → Go proxy (GET/POST only) |
+| `server/main.go` | Entry point, wires adapter + repository + router |
+| `server/config.yaml` | Go backend config (Mongo, auth, paths, analyzer mode) |
+| `server/router/router.go` | Route table, auth group definitions |
+| `server/handler/upload.go` | Full upload pipeline handler |
+| `server/handler/bills.go` | List/filter/update/delete bills |
+| `server/model/bill.go` | Bill models, LocalTime type, BSON/JSON marshaling |
+| `server/adapter/adapter.go` | Cleaner interface definition |
+| `server/repository/mongo/repository.go` | MongoDB implementation, soft-delete queries |
+| `analyzer/server.py` | FastAPI entry, bill detection/clean endpoints |
+| `analyzer/cleaners/base.py` | BaseCleaner ABC |
+| `analyzer/category.py` | Category inference engine |
+| `docker-compose.yaml` | Full stack orchestration |
+
+## Agent Guidelines
+
+- **Before coding:** Search codebase to understand existing patterns and dependencies.
+- **Dependencies:** Check `package.json`/`go.mod`/`requirements.txt` before adding new packages.
+- **Tests:** Run the relevant test suite before committing. If no tests exist for your change, verify manually.
+- **Git commits:** Provide clear messages explaining the "why" of changes.
+- **File references:** Use relative `file_path:line_number` format (e.g., `server/handler/changelog.go:12`) when mentioning code locations.

CHANGELOG.md

@@ -8,14 +8,51 @@
 ## [Unreleased]
 
 ### 新增
+- **微信跨批次退款核销** - 重复上传微信账单时，自动识别"当前状态"字段中的退款信息并核销原始支出记录
+  - 支持「已全额退款」：原支出记录软删除
+  - 支持「已退款(¥X)」：累计退款金额从原始金额（`original_amount`）中扣减，剩余金额更新到记录
+  - 新增 `CleanedBill.original_amount` 字段，存储入库时的原始金额，保证多次部分退款累计计算正确
+  - `ReconcileWechatRefund` 接口和 MongoDB 实现
+- **支付宝跨批次退款核销** - 上传含退款行的支付宝账单时，若原消费记录来自更早的批次，自动在数据库中核销
+  - 退款行的「交易订单号」带后缀（`原订单号_退款编号`），天然幂等：重复上传时被原始数据去重拦截，不会重复核销
+  - 全额退款软删除，部分退款扣减金额并追加备注
+  - `ReconcileRefund` 接口和 MongoDB 实现
+
+### 技术改进
+- `server/service/bill.go`：`DeduplicateRawFile` 在微信账单去重阶段检测已退款状态行，收集 `WechatRefundUpdates` 供后续核销
+- `server/service/bill.go`：`saveCleanedBillsFromCSV` / `saveCleanedBillsFromJSON` 入库时同步写入 `original_amount`
+- `analyzer/cleaners/alipay.py`：`_process_expenses` 收集同批次内未匹配的退款（`unresolved_refunds`），通过 FastAPI 响应透传至 Go
+- `analyzer/cleaners/base.py`：`BaseCleaner` 基类新增 `unresolved_refunds` 属性
+
+## [1.4.0] - 2026-03-23
+
+### 新增
+- **账单导出 Excel 功能** - 支持将筛选后的账单导出为 Excel 文件
+  - 后端新增 `/api/bills/export` 接口，根据当前筛选条件导出全部记录（无分页限制）
+  - 使用 excelize 库生成 xlsx 格式文件
+  - 前端账单管理页面标题栏添加"导出 Excel"按钮
+  - 支持日期范围、分类、来源、收支类型等筛选条件
+  - Excel 包含：时间、来源、分类、交易对方、商品说明、收/支、金额、支付方式、状态、备注
 - **酒店旅游分类** - 新增「酒店旅游」支出分类
   - 涵盖关键词：酒店、宾馆、民宿、客栈、携程、飞猪、去哪儿、同程、旅游、旅行、景区、门票、度假等
   - 相关关键词从「文化休闲」和「交通出行」中分离，避免分类冲突
+- **动态版本日志系统** - 将版本更新日志从前端硬编码改为动态获取
+  - 后端新增 `/api/changelog` 公开接口，实时解析 CHANGELOG.md
+  - 前端ChangelogDrawer组件改为异步加载日志，支持加载态和错误处理
+  - 新增 Markdown 解析器，自动提取版本、日期和分类变更内容
+
+### 技术改进
+- Go 版本升级到 1.24（支持 excelize 依赖）
+- 新增 `server/handler/export.go` 导出处理器
+- 新增 `web/src/lib/api.ts` 中的 `exportBills()` 函数
+- 新增 `server/handler/changelog.go` 和 `server/service/changelog.go` 日志解析模块
+- 导出 `apiFetch` 函数供公开 API 调用
 
 ### 修复
 - **各页面账单分类不一致** - 账单列表页和复核页改从 `$lib/data/categories` 统一导入分类列表
   - 删除两处本地重复硬编码的旧版 13 项分类
   - `BillDetailDrawer` 的 `categories` prop 类型改为 `readonly string[]`
+- **前端版本日志显示** - 移除硬编码的 14 个版本数据，改为从 API 动态加载
 
 ## [1.3.1] - 2026-01-26
 

CLAUDE.md

@@ -0,0 +1,5 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+@AGENTS.md

analyzer/cleaners/alipay.py

@@ -112,8 +112,15 @@ class AlipayCleaner(BaseCleaner):
 
                 if key:
                     if key not in order_refunds:
-                        order_refunds[key] = Decimal("0")
-                    order_refunds[key] += refund_amount
+                        order_refunds[key] = {
+                            "amount": Decimal("0"),
+                            "merchant_order_no": refund_merchant_no,
+                            "refund_order_no": refund_order_no,
+                            "time": row[0],
+                            "merchant": row[2],
+                            "description": row[4] if len(row) > 4 else "",
+                        }
+                    order_refunds[key]["amount"] += refund_amount
                     print(f"  退款记录: {row[0]} | {row[2]} | {refund_amount}元")
 
         return order_refunds
@@ -121,6 +128,7 @@ class AlipayCleaner(BaseCleaner):
     def _process_expenses(self, expense_rows: list, order_refunds: dict) -> list:
         """处理支出记录"""
         final_rows = []
+        matched_keys = set()
 
         for row in expense_rows:
             if len(row) >= 12:
@@ -132,13 +140,14 @@ class AlipayCleaner(BaseCleaner):
                 refund_amount = Decimal("0")
                 matched_key = None
 
-                for key, amount in order_refunds.items():
+                for key, refund in order_refunds.items():
                     if key and (order_no == key or merchant_no == key or order_no.startswith(key)):
-                        refund_amount = amount
+                        refund_amount = refund["amount"]
                         matched_key = key
                         break
 
                 if matched_key:
+                    matched_keys.add(matched_key)
                     if refund_amount >= expense_amount:
                         # 全额退款，删除
                         self.stats["fully_refunded"] += 1
@@ -164,6 +173,21 @@ class AlipayCleaner(BaseCleaner):
             else:
                 final_rows.append(row)
 
+        # 本批次内未匹配到对应支出的退款，交由调用方做跨批次核销
+        self.unresolved_refunds = [
+            {
+                "order_no": key,
+                "merchant_order_no": refund["merchant_order_no"],
+                "refund_order_no": refund["refund_order_no"],
+                "amount": float(format_amount(refund["amount"])),
+                "time": refund["time"],
+                "merchant": refund["merchant"],
+                "description": refund["description"],
+            }
+            for key, refund in order_refunds.items()
+            if key not in matched_keys
+        ]
+
         return final_rows
     
     def _is_platform_merchant(self, merchant: str) -> bool:

analyzer/cleaners/base.py

@@ -221,6 +221,9 @@ class BaseCleaner(ABC):
             "final_count": 0,
         }
 
+        # 本次清理中未能在同批次内匹配到对应支出的退款（跨批次核销用）
+        self.unresolved_refunds: list[dict] = []
+    
     def set_date_range(self, start_date: date | None, end_date: date | None):
         """设置日期筛选范围"""
         self.start_date = start_date

analyzer/cleaners/wechat.py

@@ -55,6 +55,22 @@ class WechatCleaner(BaseCleaner):
         # 第三步：处理退款（包括转账退款）
         final_expense_rows, income_rows = self._process_refunds(expense_rows, income_rows)
 
+        # 收集跨批次未匹配的 -退款 行（当前批次无对应支出记录，需 Go 侧跨批次核销）
+        expense_merchants = {exp[2].strip() for exp in expense_rows}
+        for refund_row in refund_rows:
+            if refund_row[2].strip() not in expense_merchants:
+                amount = float(parse_amount(refund_row[5]))
+                if amount > 0:
+                    self.unresolved_refunds.append({
+                        "order_no": "",
+                        "merchant_order_no": refund_row[9].strip() if len(refund_row) > 9 else "",
+                        "refund_order_no": refund_row[8].strip() if len(refund_row) > 8 else "",
+                        "amount": amount,
+                        "time": refund_row[0],
+                        "merchant": refund_row[2],
+                        "description": refund_row[3] if len(refund_row) > 3 else "",
+                    })
+
         print(f"\n处理结果:")
         print(f"  全额退款删除: {self.stats['fully_refunded']} 条")
         print(f"  部分退款调整: {self.stats['partially_refunded']} 条")

analyzer/server.py

@@ -52,6 +52,7 @@ class CleanResponse(BaseModel):
     bill_type: str
     message: str
     output_path: Optional[str] = None
+    unresolved_refunds: list[dict] = []
 
 
 class CategoryRequest(BaseModel):
@@ -138,22 +139,22 @@ def do_clean(
     start: str = None,
     end: str = None,
     output_format: str = "csv"
-) -> tuple[bool, str, str]:
+) -> tuple[bool, str, str, list[dict]]:
     """
     执行清洗逻辑
 
     Returns:
-        (success, bill_type, message)
+        (success, bill_type, message, unresolved_refunds)
     """
     # 检查文件是否存在
     if not Path(input_path).exists():
-        return False, "", f"文件不存在: {input_path}"
+        return False, "", f"文件不存在: {input_path}", []
 
     # 检测账单类型
     if bill_type == "auto":
         detected_type = detect_bill_type(input_path)
         if detected_type is None:
-            return False, "", "无法识别账单类型"
+            return False, "", "无法识别账单类型", []
         bill_type = detected_type
 
     # 计算日期范围
@@ -172,10 +173,10 @@ def do_clean(
         cleaner.clean()
 
         type_names = {"alipay": "支付宝", "wechat": "微信", "jd": "京东白条"}
-        return True, bill_type, f"✅ {type_names.get(bill_type, bill_type)}账单清洗完成"
+        return True, bill_type, f"✅ {type_names.get(bill_type, bill_type)}账单清洗完成", cleaner.unresolved_refunds
 
     except Exception as e:
-        return False, bill_type, f"清洗失败: {str(e)}"
+        return False, bill_type, f"清洗失败: {str(e)}", []
 
 
 # =============================================================================
@@ -215,7 +216,7 @@ async def clean_bill(request: CleanRequest):
     
     接收账单文件路径，执行清洗后输出到指定路径
     """
-    success, bill_type, message = do_clean(
+    success, bill_type, message, unresolved_refunds = do_clean(
         input_path=request.input_path,
         output_path=request.output_path,
         bill_type=request.bill_type or "auto",
@@ -233,7 +234,8 @@ async def clean_bill(request: CleanRequest):
         success=True,
         bill_type=bill_type,
         message=message,
-        output_path=request.output_path
+        output_path=request.output_path,
+        unresolved_refunds=unresolved_refunds
     )
 
 
@@ -264,7 +266,7 @@ async def clean_bill_upload(
         output_path = tmp_output.name
     
     try:
-        success, detected_type, message = do_clean(
+        success, detected_type, message, unresolved_refunds = do_clean(
             input_path=input_path,
             output_path=output_path,
             bill_type=bill_type or "auto",
@@ -282,7 +284,8 @@ async def clean_bill_upload(
             success=True,
             bill_type=detected_type,
             message=message,
-            output_path=output_path
+            output_path=output_path,
+            unresolved_refunds=unresolved_refunds
         )
     
     finally:

analyzer/test_jd_cleaner.py

@@ -11,7 +11,8 @@ import sys
 sys.stdout.reconfigure(encoding='utf-8')
 
 def test_jd_cleaner():
-    zip_path = r'D:\Projects\BillAI\mock_data\京东交易流水(申请时间2026年01月26日13时29分47秒)(密码683263)_209.zip'
+    base_dir = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+    zip_path = os.path.join(base_dir, 'mock_data', '京东交易流水(申请时间2026年01月26日13时29分47秒)(密码683263)_209.zip')
     
     with zipfile.ZipFile(zip_path, 'r') as zf:
         with tempfile.TemporaryDirectory() as tmpdir:

docker-compose.yaml

@@ -27,8 +27,8 @@ services:
   # Go 后端服务
   server:
     build:
-      context: ./server
-      dockerfile: Dockerfile
+      context: .
+      dockerfile: server/Dockerfile
     container_name: billai-server
     restart: unless-stopped
     ports:

server/Dockerfile

@@ -1,8 +1,9 @@
 # Go 服务 Dockerfile
 # 多阶段构建：编译阶段 + 运行阶段
+# 构建上下文：项目根目录（docker-compose context: .）
 
 # ===== 编译阶段 =====
-FROM golang:1.21-alpine AS builder
+FROM golang:1.24-alpine AS builder
 
 WORKDIR /build
 
@@ -10,11 +11,11 @@ WORKDIR /build
 ENV GOPROXY=https://goproxy.cn,direct
 
 # 先复制依赖文件，利用 Docker 缓存
-COPY go.mod go.sum ./
+COPY server/go.mod server/go.sum ./
 RUN go mod download
 
 # 复制源代码并编译
-COPY . .
+COPY server/ .
 RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o billai-server .
 
 # ===== 运行阶段 =====
@@ -35,6 +36,9 @@ ENV TZ=Asia/Shanghai
 COPY --from=builder /build/billai-server .
 COPY --from=builder /build/config.yaml .
 
+# 复制项目根目录的 CHANGELOG.md
+COPY CHANGELOG.md .
+
 # 创建必要目录
 RUN mkdir -p uploads outputs
 

server/adapter/adapter.go

@@ -15,6 +15,18 @@ type CleanOptions struct {
 type CleanResult struct {
 	BillType          string             // 检测到的账单类型: alipay/wechat/jd
 	Output            string             // 脚本输出信息
+	UnresolvedRefunds []UnresolvedRefund // 本次清洗未在同批次内匹配到对应支出的退款
+}
+
+// UnresolvedRefund 本次清洗未在同批次内匹配到对应支出的退款
+type UnresolvedRefund struct {
+	OrderNo         string  // 原订单号（去除退款后缀）
+	MerchantOrderNo string  // 商家订单号（备用匹配字段）
+	RefundOrderNo   string  // 退款行自身的完整订单号（用于备注追溯）
+	Amount          float64 // 退款金额
+	Time            string  // 退款时间
+	Merchant        string  // 交易对方
+	Description     string  // 商品说明
 }
 
 // ConvertResult 格式转换结果

server/adapter/http/cleaner.go

@@ -33,6 +33,18 @@ type CleanResponse struct {
 	BillType          string             `json:"bill_type"`
 	Message           string             `json:"message"`
 	OutputPath        string             `json:"output_path,omitempty"`
+	UnresolvedRefunds []UnresolvedRefund `json:"unresolved_refunds,omitempty"`
+}
+
+// UnresolvedRefund 本次清洗未在同批次内匹配到对应支出的退款（与 Python 端 dict 字段对应）
+type UnresolvedRefund struct {
+	OrderNo         string  `json:"order_no"`
+	MerchantOrderNo string  `json:"merchant_order_no"`
+	RefundOrderNo   string  `json:"refund_order_no"`
+	Amount          float64 `json:"amount"`
+	Time            string  `json:"time"`
+	Merchant        string  `json:"merchant"`
+	Description     string  `json:"description"`
 }
 
 // ErrorResponse 错误响应
@@ -149,9 +161,23 @@ func (c *Cleaner) Clean(inputPath, outputPath string, opts *adapter.CleanOptions
 		}
 	}
 
+	unresolvedRefunds := make([]adapter.UnresolvedRefund, 0, len(cleanResp.UnresolvedRefunds))
+	for _, ur := range cleanResp.UnresolvedRefunds {
+		unresolvedRefunds = append(unresolvedRefunds, adapter.UnresolvedRefund{
+			OrderNo:         ur.OrderNo,
+			MerchantOrderNo: ur.MerchantOrderNo,
+			RefundOrderNo:   ur.RefundOrderNo,
+			Amount:          ur.Amount,
+			Time:            ur.Time,
+			Merchant:        ur.Merchant,
+			Description:     ur.Description,
+		})
+	}
+
 	return &adapter.CleanResult{
 		BillType:          cleanResp.BillType,
 		Output:            cleanResp.Message,
+		UnresolvedRefunds: unresolvedRefunds,
 	}, nil
 }
 

server/config.yaml

@@ -1,7 +1,7 @@
 # BillAI 服务器配置文件
 
 # 应用版本
-version: "1.0.7"
+version: "1.0.8"
 
 # 服务配置
 server:

server/go.mod

@@ -1,13 +1,14 @@
 module billai-server
 
-go 1.21
+go 1.24.0
 
 require (
 	github.com/gin-gonic/gin v1.9.1
 	github.com/golang-jwt/jwt/v5 v5.3.0
+	github.com/xuri/excelize/v2 v2.10.1
 	github.com/yeka/zip v0.0.0-20231116150916-03d6312748a9
 	go.mongodb.org/mongo-driver v1.13.1
-	golang.org/x/text v0.9.0
+	golang.org/x/text v0.34.0
 	gopkg.in/yaml.v3 v3.0.1
 )
 
@@ -30,16 +31,21 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe // indirect
 	github.com/pelletier/go-toml/v2 v2.0.8 // indirect
+	github.com/richardlehane/mscfb v1.0.6 // indirect
+	github.com/richardlehane/msoleps v1.0.6 // indirect
+	github.com/tiendc/go-deepcopy v1.7.2 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.11 // indirect
 	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
 	github.com/xdg-go/scram v1.1.2 // indirect
 	github.com/xdg-go/stringprep v1.0.4 // indirect
+	github.com/xuri/efp v0.0.1 // indirect
+	github.com/xuri/nfp v0.0.2-0.20250530014748-2ddeb826f9a9 // indirect
 	github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d // indirect
 	golang.org/x/arch v0.3.0 // indirect
-	golang.org/x/crypto v0.9.0 // indirect
-	golang.org/x/net v0.10.0 // indirect
-	golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 // indirect
-	golang.org/x/sys v0.8.0 // indirect
+	golang.org/x/crypto v0.48.0 // indirect
+	golang.org/x/net v0.50.0 // indirect
+	golang.org/x/sync v0.19.0 // indirect
+	golang.org/x/sys v0.41.0 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect
 )

server/go.sum

@@ -54,6 +54,10 @@ github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZ
 github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/richardlehane/mscfb v1.0.6 h1:eN3bvvZCp00bs7Zf52bxNwAx5lJDBK1tCuH19qq5aC8=
+github.com/richardlehane/mscfb v1.0.6/go.mod h1:pe0+IUIc0AHh0+teNzBlJCtSyZdFOGgV4ZK9bsoV+Jo=
+github.com/richardlehane/msoleps v1.0.6 h1:9BvkpjvD+iUBalUY4esMwv6uBkfOip/Lzvd93jvR9gg=
+github.com/richardlehane/msoleps v1.0.6/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
@@ -63,8 +67,11 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
 github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
+github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
+github.com/tiendc/go-deepcopy v1.7.2 h1:Ut2yYR7W9tWjTQitganoIue4UGxZwCcJy3orjrrIj44=
+github.com/tiendc/go-deepcopy v1.7.2/go.mod h1:4bKjNC2r7boYOkD2IOuZpYjmlDdzjbpTRyCx+goBCJQ=
 github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
 github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
 github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU=
@@ -75,6 +82,12 @@ github.com/xdg-go/scram v1.1.2 h1:FHX5I5B4i4hKRVRBCFRxq1iQRej7WO3hhBuJf+UUySY=
 github.com/xdg-go/scram v1.1.2/go.mod h1:RT/sEzTbU5y00aCK8UOx6R7YryM0iF1N2MOmC3kKLN4=
 github.com/xdg-go/stringprep v1.0.4 h1:XLI/Ng3O1Atzq0oBs3TWm+5ZVgkq2aqdlvP9JtoZ6c8=
 github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gijq1dTyGkM=
+github.com/xuri/efp v0.0.1 h1:fws5Rv3myXyYni8uwj2qKjVaRP30PdjeYe2Y6FDsCL8=
+github.com/xuri/efp v0.0.1/go.mod h1:ybY/Jr0T0GTCnYjKqmdwxyxn2BQf2RcQIIvex5QldPI=
+github.com/xuri/excelize/v2 v2.10.1 h1:V62UlqopMqha3kOpnlHy2CcRVw1V8E63jFoWUmMzxN0=
+github.com/xuri/excelize/v2 v2.10.1/go.mod h1:iG5tARpgaEeIhTqt3/fgXCGoBRt4hNXgCp3tfXKoOIc=
+github.com/xuri/nfp v0.0.2-0.20250530014748-2ddeb826f9a9 h1:+C0TIdyyYmzadGaL/HBLbf3WdLgC29pgyhTjAT/0nuE=
+github.com/xuri/nfp v0.0.2-0.20250530014748-2ddeb826f9a9/go.mod h1:WwHg+CVyzlv/TX9xqBFXEZAuxOPxn2k1GNHwG41IIUQ=
 github.com/yeka/zip v0.0.0-20231116150916-03d6312748a9 h1:K8gF0eekWPEX+57l30ixxzGhHH/qscI3JCnuhbN6V4M=
 github.com/yeka/zip v0.0.0-20231116150916-03d6312748a9/go.mod h1:9BnoKCcgJ/+SLhfAXj15352hTOuVmG5Gzo8xNRINfqI=
 github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d h1:splanxYIlg+5LfHAM6xpdFEAYOk8iySO56hMFq6uLyA=
@@ -88,18 +101,21 @@ golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g=
-golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0=
+golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts=
+golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos=
+golang.org/x/image v0.25.0 h1:Y6uW6rH1y5y/LK1J8BPWZtr6yZ7hrsy6hFrXjgsc2fQ=
+golang.org/x/image v0.25.0/go.mod h1:tCAmOEGthTtkalusGp1g3xa2gke8J6c2N565dTyl9Rs=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
-golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
+golang.org/x/net v0.50.0 h1:ucWh9eiCGyDR3vtzso0WMQinm2Dnt8cFMuQa9K33J60=
+golang.org/x/net v0.50.0/go.mod h1:UgoSli3F/pBgdJBHCTc+tp3gmrU4XswgGRgtnwWTfyM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 h1:uVc8UZUe6tr40fFVnUP5Oj+veunVezqYl9z7DYw9xzw=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
+golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -108,8 +124,8 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU=
-golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k=
+golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -118,8 +134,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE=
-golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
+golang.org/x/text v0.34.0 h1:oL/Qq0Kdaqxa1KbNeMKwQq0reLCCaFtqu2eNuSeNHbk=
+golang.org/x/text v0.34.0/go.mod h1:homfLqTYRFyVYemLBFl5GgL/DWEiH5wcsQ5gSh1yziA=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=

server/handler/auth.go

@@ -98,7 +98,11 @@ func Login(c *gin.Context) {
 
 	secret := config.Global.JWTSecret
 	if secret == "" {
-		secret = "billai-default-secret"
+		c.JSON(http.StatusInternalServerError, gin.H{
+			"success": false,
+			"error":   "服务器 JWT 配置缺失",
+		})
+		return
 	}
 
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
@@ -144,7 +148,12 @@ func ValidateToken(c *gin.Context) {
 
 	secret := config.Global.JWTSecret
 	if secret == "" {
-		secret = "billai-default-secret"
+		c.JSON(http.StatusUnauthorized, gin.H{
+			"success": false,
+			"error":   "服务器 JWT 配置缺失",
+			"code":    "TOKEN_INVALID",
+		})
+		return
 	}
 
 	token, err := jwt.ParseWithClaims(tokenString, &Claims{}, func(token *jwt.Token) (interface{}, error) {

server/handler/bills.go

@@ -2,7 +2,6 @@ package handler
 
 import (
 	"net/http"
-	"strconv"
 	"time"
 
 	"github.com/gin-gonic/gin"
@@ -154,18 +153,6 @@ func ListBills(c *gin.Context) {
 	})
 }
 
-// parsePageParam 解析分页参数
-func parsePageParam(s string, defaultVal int) int {
-	if s == "" {
-		return defaultVal
-	}
-	val, err := strconv.Atoi(s)
-	if err != nil || val < 1 {
-		return defaultVal
-	}
-	return val
-}
-
 // MonthlyStatsResponse 月度统计响应
 type MonthlyStatsResponse struct {
 	Result  bool                `json:"result"`
@@ -202,6 +189,13 @@ func MonthlyStats(c *gin.Context) {
 // ReviewStats 获取待复核数据统计
 func ReviewStats(c *gin.Context) {
 	repo := repository.GetRepository()
+	if repo == nil {
+		c.JSON(http.StatusServiceUnavailable, model.ReviewResponse{
+			Result:  false,
+			Message: "数据库未连接",
+		})
+		return
+	}
 
 	// 从MongoDB查询所有需要复核的账单
 	bills, err := repo.GetBillsNeedReview()

server/handler/changelog.go

@@ -0,0 +1,26 @@
+package handler
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+
+	"billai-server/service"
+)
+
+// GetChangelog GET /api/changelog 获取版本变更日志
+func GetChangelog(c *gin.Context) {
+	changelog, err := service.ParseChangelog()
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{
+			"result":  false,
+			"message": "获取变更日志失败: " + err.Error(),
+		})
+		return
+	}
+
+	c.JSON(http.StatusOK, gin.H{
+		"result": true,
+		"data":   changelog,
+	})
+}

server/handler/export.go

@@ -0,0 +1,134 @@
+package handler
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/xuri/excelize/v2"
+
+	"billai-server/repository"
+)
+
+type ExportBillsRequest struct {
+	StartDate     string `form:"start_date"`
+	EndDate       string `form:"end_date"`
+	Category      string `form:"category"`
+	Type          string `form:"type"`
+	IncomeExpense string `form:"income_expense"`
+}
+
+func ExportBills(c *gin.Context) {
+	var req ExportBillsRequest
+	if err := c.ShouldBindQuery(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"result":  false,
+			"message": "参数解析失败: " + err.Error(),
+		})
+		return
+	}
+
+	filter := buildFilterFromRequest(req)
+
+	repo := repository.GetRepository()
+	if repo == nil {
+		c.JSON(http.StatusInternalServerError, gin.H{
+			"result":  false,
+			"message": "数据库未连接",
+		})
+		return
+	}
+
+	bills, err := repo.GetCleanedBills(filter)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{
+			"result":  false,
+			"message": "查询失败: " + err.Error(),
+		})
+		return
+	}
+
+	f := excelize.NewFile()
+	sheet := "账单"
+	f.SetSheetName("Sheet1", sheet)
+
+	headers := []string{"时间", "来源", "分类", "交易对方", "商品说明", "收/支", "金额", "支付方式", "状态", "备注"}
+	for i, header := range headers {
+		cell, _ := excelize.CoordinatesToCellName(i+1, 1)
+		f.SetCellValue(sheet, cell, header)
+	}
+
+	for idx, bill := range bills {
+		row := idx + 2
+
+		f.SetCellValue(sheet, fmt.Sprintf("A%d", row), bill.Time.Time().Format("2006-01-02 15:04:05"))
+		f.SetCellValue(sheet, fmt.Sprintf("B%d", row), bill.BillType)
+		f.SetCellValue(sheet, fmt.Sprintf("C%d", row), bill.Category)
+		f.SetCellValue(sheet, fmt.Sprintf("D%d", row), bill.Merchant)
+		f.SetCellValue(sheet, fmt.Sprintf("E%d", row), bill.Description)
+		f.SetCellValue(sheet, fmt.Sprintf("F%d", row), bill.IncomeExpense)
+		f.SetCellValue(sheet, fmt.Sprintf("G%d", row), bill.Amount)
+		f.SetCellValue(sheet, fmt.Sprintf("H%d", row), bill.PayMethod)
+		f.SetCellValue(sheet, fmt.Sprintf("I%d", row), bill.Status)
+		f.SetCellValue(sheet, fmt.Sprintf("J%d", row), bill.Remark)
+	}
+
+	f.SetColWidth(sheet, "A", "A", 20)
+	f.SetColWidth(sheet, "B", "B", 8)
+	f.SetColWidth(sheet, "C", "C", 12)
+	f.SetColWidth(sheet, "D", "D", 20)
+	f.SetColWidth(sheet, "E", "E", 30)
+	f.SetColWidth(sheet, "F", "F", 8)
+	f.SetColWidth(sheet, "G", "G", 12)
+	f.SetColWidth(sheet, "H", "H", 15)
+	f.SetColWidth(sheet, "I", "I", 10)
+	f.SetColWidth(sheet, "J", "J", 20)
+
+	filename := fmt.Sprintf("bills_%s.xlsx", time.Now().Format("20060102_150405"))
+	c.Header("Content-Type", "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet")
+	c.Header("Content-Disposition", fmt.Sprintf("attachment; filename=%s", filename))
+	c.Header("Access-Control-Expose-Headers", "Content-Disposition")
+
+	if err := f.Write(c.Writer); err != nil {
+		fmt.Printf("导出 Excel 失败: %v\n", err)
+	}
+}
+
+func buildFilterFromRequest(req ExportBillsRequest) map[string]interface{} {
+	filter := make(map[string]interface{})
+
+	if req.StartDate != "" || req.EndDate != "" {
+		timeFilter := make(map[string]interface{})
+		if req.StartDate != "" {
+			startTime, err := time.ParseInLocation("2006-01-02", req.StartDate, time.Local)
+			if err == nil {
+				timeFilter["$gte"] = startTime
+			}
+		}
+		if req.EndDate != "" {
+			endTime, err := time.ParseInLocation("2006-01-02", req.EndDate, time.Local)
+			if err == nil {
+				endTime = endTime.Add(24 * time.Hour)
+				timeFilter["$lt"] = endTime
+			}
+		}
+		if len(timeFilter) > 0 {
+			filter["time"] = timeFilter
+		}
+	}
+
+	if req.Category != "" {
+		filter["category"] = req.Category
+	}
+	if req.Type != "" {
+		filter["bill_type"] = req.Type
+	}
+	if req.IncomeExpense != "" {
+		filter["income_expense"] = req.IncomeExpense
+	}
+
+	filter["is_deleted"] = false
+
+	return filter
+}

server/handler/upload.go

@@ -223,7 +223,7 @@ func Upload(c *gin.Context) {
 		End:    req.End,
 		Format: req.Format,
 	}
-	_, cleanErr := service.RunCleanScript(processFilePath, outputPath, cleanOpts)
+	cleanResult, cleanErr := service.RunCleanScript(processFilePath, outputPath, cleanOpts)
 	if cleanErr != nil {
 		service.CleanupExtractedFiles(extractedFiles)
 		c.JSON(http.StatusInternalServerError, model.UploadResponse{
@@ -255,11 +255,11 @@ func Upload(c *gin.Context) {
 	}
 	service.CleanupExtractedFiles(extractedFiles)
 
+	repo := repository.GetRepository()
+
 	// 13. 如果是京东账单，软删除其他来源中包含"京东-订单编号"的记录
 	var jdRelatedDeleted int64
-	if billType == "jd" {
-		repo := repository.GetRepository()
-		if repo != nil {
+	if billType == "jd" && repo != nil {
 		deleted, err := repo.SoftDeleteJDRelatedBills()
 		if err != nil {
 			fmt.Printf("⚠️  软删除京东关联记录失败: %v\n", err)
@@ -268,9 +268,43 @@ func Upload(c *gin.Context) {
 			fmt.Printf("🗑️  已软删除 %d 条其他来源中的京东关联记录\n", deleted)
 		}
 	}
+
+	// 14. 核销跨批次退款（支付宝：本次清洗中未在同批次内匹配到对应支出的退款）
+	var reconciledCount int
+	if repo != nil && cleanResult != nil {
+		for _, ur := range cleanResult.UnresolvedRefunds {
+			matched, rErr := repo.ReconcileRefund(billType, ur.OrderNo, ur.MerchantOrderNo, ur.Amount, ur.Time, ur.Merchant, ur.Description, ur.RefundOrderNo)
+			if rErr != nil {
+				fmt.Printf("⚠️  退款核销失败: %v\n", rErr)
+				continue
+			}
+			if matched {
+				reconciledCount++
+				fmt.Printf("💰 已核销退款: 订单%s, 金额%.2f元\n", ur.OrderNo, ur.Amount)
+			}
+		}
 	}
 
-	// 14. 返回成功响应
+	// 15. 核销跨批次微信退款（重复上传的行中携带的已退款状态）
+	if repo != nil && len(dedupResult.WechatRefundUpdates) > 0 {
+		for _, wu := range dedupResult.WechatRefundUpdates {
+			matched, rErr := repo.ReconcileWechatRefund(wu.TransactionID, wu.FullRefund, wu.CumulativeRefundAmount)
+			if rErr != nil {
+				fmt.Printf("⚠️  微信退款核销失败: %v\n", rErr)
+				continue
+			}
+			if matched {
+				reconciledCount++
+				if wu.FullRefund {
+					fmt.Printf("💰 已核销微信全额退款: 交易单号%s\n", wu.TransactionID)
+				} else {
+					fmt.Printf("💰 已核销微信部分退款: 交易单号%s, 累计退款%.2f元\n", wu.TransactionID, wu.CumulativeRefundAmount)
+				}
+			}
+		}
+	}
+
+	// 16. 返回成功响应
 	message := fmt.Sprintf("处理成功，新增 %d 条记录", cleanedCount)
 	if dedupResult.DuplicateCount > 0 {
 		message = fmt.Sprintf("处理成功，新增 %d 条，跳过 %d 条重复记录", cleanedCount, dedupResult.DuplicateCount)
@@ -278,6 +312,9 @@ func Upload(c *gin.Context) {
 	if jdRelatedDeleted > 0 {
 		message = fmt.Sprintf("%s，标记删除 %d 条重复的京东订单", message, jdRelatedDeleted)
 	}
+	if reconciledCount > 0 {
+		message = fmt.Sprintf("%s，核销退款 %d 条", message, reconciledCount)
+	}
 
 	c.JSON(http.StatusOK, model.UploadResponse{
 		Result:  true,
@@ -290,6 +327,7 @@ func Upload(c *gin.Context) {
 			CleanedCount:          cleanedCount,
 			DuplicateCount:        dedupResult.DuplicateCount,
 			JDRelatedDeleted:      jdRelatedDeleted,
+			ReconciledRefundCount: reconciledCount,
 		},
 	})
 }

server/middleware/auth.go

@@ -38,7 +38,13 @@ func AuthRequired() gin.HandlerFunc {
 
 		secret := config.Global.JWTSecret
 		if secret == "" {
-			secret = "billai-default-secret"
+			c.JSON(http.StatusUnauthorized, gin.H{
+				"success": false,
+				"error":   "服务器 JWT 配置缺失",
+				"code":    "TOKEN_INVALID",
+			})
+			c.Abort()
+			return
 		}
 
 		token, err := jwt.ParseWithClaims(tokenString, &Claims{}, func(token *jwt.Token) (interface{}, error) {

server/model/bill.go

@@ -90,6 +90,7 @@ type CleanedBill struct {
 	Description     string             `bson:"description" json:"description"`             // 商品说明
 	IncomeExpense   string             `bson:"income_expense" json:"income_expense"`                       // 收/支
 	Amount          float64            `bson:"amount" json:"amount"`                                       // 金额
+	OriginalAmount  float64            `bson:"original_amount,omitempty" json:"original_amount,omitempty"` // 原始金额（入库时），用于微信跨批次退款核销
 	PayMethod       string             `bson:"pay_method" json:"pay_method"`                               // 支付方式
 	Status          string             `bson:"status" json:"status"`                       // 交易状态
 	Remark          string             `bson:"remark" json:"remark"`                       // 备注

server/model/response.go

@@ -9,6 +9,7 @@ type UploadData struct {
 	CleanedCount          int    `json:"cleaned_count,omitempty"`           // 存储到清洗后数据集合的记录数
 	DuplicateCount        int    `json:"duplicate_count,omitempty"`         // 重复跳过的记录数
 	JDRelatedDeleted      int64  `json:"jd_related_deleted,omitempty"`      // 软删除的京东关联记录数（其他来源中描述包含京东订单号的记录）
+	ReconciledRefundCount int    `json:"reconciled_refund_count,omitempty"` // 跨批次核销的退款记录数
 }
 
 // UploadResponse 上传响应

server/repository/mongo/repository.go

@@ -4,6 +4,7 @@ package mongo
 import (
 	"context"
 	"fmt"
+	"math"
 	"time"
 
 	"go.mongodb.org/mongo-driver/bson"
@@ -16,6 +17,9 @@ import (
 	"billai-server/repository"
 )
 
+// refundEpsilon 退款核销后剩余金额的容差阈值，小于该值视为已全额退款
+const refundEpsilon = 0.005
+
 // Repository MongoDB 账单存储实现
 type Repository struct {
 	client            *mongo.Client
@@ -498,6 +502,149 @@ func (r *Repository) SoftDeleteJDRelatedBills() (int64, error) {
 	return result.ModifiedCount, nil
 }
 
+// ReconcileRefund 将跨批次退款核销到已存储的清洗后账单
+// 按 bill_type + (transaction_id == orderNo 或 merchant_order_no == merchantOrderNo) 查找未删除记录
+// 全额退款（剩余金额 <= refundEpsilon）则软删除；部分退款则扣减 amount 并追加备注
+func (r *Repository) ReconcileRefund(billType, orderNo, merchantOrderNo string, refundAmount float64, refundTime, merchant, description, refundOrderNo string) (bool, error) {
+	if r.cleanedCollection == nil {
+		return false, fmt.Errorf("cleaned collection not initialized")
+	}
+
+	if orderNo == "" && merchantOrderNo == "" {
+		return false, nil
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+	defer cancel()
+
+	var or []bson.M
+	if orderNo != "" {
+		or = append(or, bson.M{"transaction_id": orderNo})
+	}
+	if merchantOrderNo != "" {
+		or = append(or, bson.M{"merchant_order_no": merchantOrderNo})
+	}
+	filter := bson.M{
+		"bill_type":  billType,
+		"is_deleted": bson.M{"$ne": true},
+		"$or":        or,
+	}
+
+	var bill model.CleanedBill
+	if err := r.cleanedCollection.FindOne(ctx, filter).Decode(&bill); err != nil {
+		if err == mongo.ErrNoDocuments {
+			return false, nil
+		}
+		return false, fmt.Errorf("查询待核销账单失败: %w", err)
+	}
+
+	remaining := bill.Amount - refundAmount
+	now := time.Now()
+
+	if remaining <= refundEpsilon {
+		update := bson.M{"$set": bson.M{
+			"is_deleted": true,
+			"updated_at": now,
+			"remark":     fmt.Sprintf("[退款核销]全额退款%.2f元(退款单号%s);%s", refundAmount, refundOrderNo, bill.Remark),
+		}}
+		_, err := r.cleanedCollection.UpdateOne(ctx, bson.M{"_id": bill.ID}, update)
+		if err != nil {
+			return false, fmt.Errorf("核销退款失败: %w", err)
+		}
+		return true, nil
+	}
+
+	remaining = math.Round(remaining*100) / 100
+	update := bson.M{"$set": bson.M{
+		"amount":     remaining,
+		"updated_at": now,
+		"remark":     fmt.Sprintf("原金额%.2f元,退款%.2f元(退款单号%s);%s", bill.Amount, refundAmount, refundOrderNo, bill.Remark),
+	}}
+	_, err := r.cleanedCollection.UpdateOne(ctx, bson.M{"_id": bill.ID}, update)
+	if err != nil {
+		return false, fmt.Errorf("核销退款失败: %w", err)
+	}
+	return true, nil
+}
+
+// ReconcileWechatRefund 将跨批次微信退款核销到已存储的清洗后账单
+// 微信"当前状态"字段为累计退款金额，使用 original_amount（入库时原始金额）计算剩余
+func (r *Repository) ReconcileWechatRefund(transactionID string, fullRefund bool, cumulativeRefundAmount float64) (bool, error) {
+	if r.cleanedCollection == nil {
+		return false, fmt.Errorf("cleaned collection not initialized")
+	}
+	if transactionID == "" {
+		return false, nil
+	}
+
+	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+	defer cancel()
+
+	filter := bson.M{
+		"bill_type":      "wechat",
+		"transaction_id": transactionID,
+		"is_deleted":     bson.M{"$ne": true},
+	}
+
+	var bill model.CleanedBill
+	if err := r.cleanedCollection.FindOne(ctx, filter).Decode(&bill); err != nil {
+		if err == mongo.ErrNoDocuments {
+			return false, nil
+		}
+		return false, fmt.Errorf("查询待核销微信账单失败: %w", err)
+	}
+
+	now := time.Now()
+
+	if fullRefund {
+		update := bson.M{"$set": bson.M{
+			"is_deleted": true,
+			"updated_at": now,
+			"remark":     fmt.Sprintf("[退款核销]全额退款;%s", bill.Remark),
+		}}
+		_, err := r.cleanedCollection.UpdateOne(ctx, bson.M{"_id": bill.ID}, update)
+		if err != nil {
+			return false, fmt.Errorf("核销微信全额退款失败: %w", err)
+		}
+		return true, nil
+	}
+
+	// 部分退款：用原始金额（original_amount）减去累计退款金额得到剩余
+	originalAmount := bill.OriginalAmount
+	if originalAmount <= 0 {
+		originalAmount = bill.Amount // 兼容旧记录（无 original_amount 字段）
+	}
+	remaining := originalAmount - cumulativeRefundAmount
+
+	if remaining <= refundEpsilon {
+		update := bson.M{"$set": bson.M{
+			"is_deleted": true,
+			"updated_at": now,
+			"remark":     fmt.Sprintf("[退款核销]全额退款%.2f元(原金额%.2f元);%s", cumulativeRefundAmount, originalAmount, bill.Remark),
+		}}
+		_, err := r.cleanedCollection.UpdateOne(ctx, bson.M{"_id": bill.ID}, update)
+		if err != nil {
+			return false, fmt.Errorf("核销微信退款失败: %w", err)
+		}
+		return true, nil
+	}
+
+	remaining = math.Round(remaining*100) / 100
+	update := bson.M{"$set": bson.M{
+		"amount":     remaining,
+		"updated_at": now,
+		"remark":     fmt.Sprintf("原金额%.2f元,已退款%.2f元;%s", originalAmount, cumulativeRefundAmount, bill.Remark),
+	}}
+	_, err := r.cleanedCollection.UpdateOne(ctx, bson.M{"_id": bill.ID}, update)
+	if err != nil {
+		return false, fmt.Errorf("核销微信退款失败: %w", err)
+	}
+	return true, nil
+}
+
+// 建议: 为提升查询性能，可为 bills_cleaned 添加索引
+// {transaction_id:1, bill_type:1} 和 {merchant_order_no:1, bill_type:1}
+
 // GetClient 获取 MongoDB 客户端（用于兼容旧代码）
 func (r *Repository) GetClient() *mongo.Client {
 	return r.client

server/repository/repository.go

@@ -56,4 +56,16 @@ type BillRepository interface {
 	// 用于避免京东账单与其他来源（微信、支付宝）账单重复计算
 	// 返回: 删除数量、错误
 	SoftDeleteJDRelatedBills() (int64, error)
+
+	// ReconcileRefund 将跨批次退款核销到已存储的清洗后账单
+	// 按 bill_type + (transaction_id == orderNo 或 merchant_order_no == merchantOrderNo) 查找未删除记录
+	// 全额退款（剩余金额 <= 0.005）则软删除；部分退款则扣减 amount 并追加备注
+	// 返回: 是否找到并核销了匹配记录、错误（未找到匹配记录不算错误，返回 matched=false）
+	ReconcileRefund(billType, orderNo, merchantOrderNo string, refundAmount float64, refundTime, merchant, description, refundOrderNo string) (matched bool, err error)
+
+	// ReconcileWechatRefund 将跨批次微信退款核销到已存储的清洗后账单
+	// 微信退款通过重复上传时"当前状态"字段携带退款信息来触发
+	// fullRefund=true 时软删除原记录；否则用 original_amount - cumulativeRefundAmount 计算剩余金额
+	// 返回: 是否找到并核销了匹配记录、错误
+	ReconcileWechatRefund(transactionID string, fullRefund bool, cumulativeRefundAmount float64) (matched bool, err error)
 }

server/router/router.go

@@ -46,6 +46,9 @@ func setupAPIRoutes(r *gin.Engine) {
 		api.POST("/auth/login", handler.Login)
 		api.GET("/auth/validate", handler.ValidateToken)
 
+		// 公开接口（无需登录）
+		api.GET("/changelog", handler.GetChangelog)
+
 		// 需要登录的 API
 		authed := api.Group("/")
 		authed.Use(middleware.AuthRequired())
@@ -59,6 +62,9 @@ func setupAPIRoutes(r *gin.Engine) {
 			// 账单查询
 			authed.GET("/bills", handler.ListBills)
 
+			// 导出账单
+			authed.GET("/bills/export", handler.ExportBills)
+
 			// 编辑账单
 			authed.POST("/bills/:id", handler.UpdateBill)
 

server/service/bill.go

@@ -23,6 +23,13 @@ func getRepo() repository.BillRepository {
 	return repository.GetRepository()
 }
 
+// WechatRefundUpdate 微信重复行中携带的退款信息（用于跨批次退款核销）
+type WechatRefundUpdate struct {
+	TransactionID          string  // 原消费行的交易单号
+	FullRefund             bool    // 是否全额退款（已全额退款）
+	CumulativeRefundAmount float64 // 累计退款金额（已退款(¥X)中的 X，与原始金额相减得剩余）
+}
+
 // DeduplicateResult 去重结果
 type DeduplicateResult struct {
 	OriginalCount       int                  // 原始记录数
@@ -30,6 +37,7 @@ type DeduplicateResult struct {
 	NewCount            int                  // 新记录数
 	DedupFilePath       string               // 去重后的文件路径（如果有去重则生成新文件）
 	BillType            string               // 检测到的账单类型
+	WechatRefundUpdates []WechatRefundUpdate // 微信重复行中检测到的退款状态（用于跨批次核销）
 }
 
 // DeduplicateRawFile 对原始文件进行去重检查，返回去重后的文件路径
@@ -75,6 +83,17 @@ func DeduplicateRawFile(filePath, uploadBatch string) (*DeduplicateResult, error
 		return result, nil
 	}
 
+	// 对于微信账单，找到"当前状态"列的索引，用于检测退款状态
+	wechatStatusIdx := -1
+	if billType == "wechat" {
+		for i, col := range header {
+			if col == "当前状态" {
+				wechatStatusIdx = i
+				break
+			}
+		}
+	}
+
 	// 检查每行是否重复
 	var newRows [][]string
 	for _, row := range dataRows {
@@ -101,6 +120,24 @@ func DeduplicateRawFile(filePath, uploadBatch string) (*DeduplicateResult, error
 			newRows = append(newRows, row)
 		} else {
 			result.DuplicateCount++
+			// 微信账单：检查重复行是否携带退款状态（跨批次退款核销）
+			if wechatStatusIdx >= 0 && len(row) > wechatStatusIdx {
+				status := strings.TrimSpace(row[wechatStatusIdx])
+				if strings.Contains(status, "已全额退款") {
+					result.WechatRefundUpdates = append(result.WechatRefundUpdates, WechatRefundUpdate{
+						TransactionID: transactionID,
+						FullRefund:    true,
+					})
+				} else if strings.Contains(status, "已退款") {
+					if amount := extractWechatRefundAmount(status); amount > 0 {
+						result.WechatRefundUpdates = append(result.WechatRefundUpdates, WechatRefundUpdate{
+							TransactionID:          transactionID,
+							FullRefund:             false,
+							CumulativeRefundAmount: amount,
+						})
+					}
+				}
+			}
 		}
 	}
 
@@ -337,6 +374,7 @@ func saveCleanedBillsFromCSV(filePath, billType, sourceFile, uploadBatch string)
 			bill.ReviewLevel = row[idx]
 		}
 
+		bill.OriginalAmount = bill.Amount
 		bills = append(bills, bill)
 	}
 
@@ -431,6 +469,7 @@ func saveCleanedBillsFromJSON(filePath, billType, sourceFile, uploadBatch string
 			bill.ReviewLevel = v
 		}
 
+		bill.OriginalAmount = bill.Amount
 		bills = append(bills, bill)
 	}
 
@@ -512,3 +551,28 @@ func parseAmount(s string) float64 {
 	}
 	return 0
 }
+
+// extractWechatRefundAmount 从微信"当前状态"字段中提取累计退款金额
+// 支持格式: "已退款(¥3.00)"、"已退款(￥3.00)"、"已退款￥3.00"
+func extractWechatRefundAmount(status string) float64 {
+	start := strings.Index(status, "(")
+	end := strings.LastIndex(status, ")")
+	var inner string
+	if start >= 0 && end > start {
+		inner = status[start+1 : end]
+	} else {
+		idx := strings.Index(status, "已退款")
+		if idx < 0 {
+			return 0
+		}
+		inner = status[idx+len("已退款"):]
+	}
+	inner = strings.TrimPrefix(inner, "¥")
+	inner = strings.TrimPrefix(inner, "￥")
+	inner = strings.TrimSpace(inner)
+	v, err := strconv.ParseFloat(inner, 64)
+	if err != nil {
+		return 0
+	}
+	return v
+}

server/service/changelog.go

@@ -0,0 +1,128 @@
+package service
+
+import (
+	"bufio"
+	"fmt"
+	"os"
+	"path/filepath"
+	"strings"
+)
+
+// ChangelogEntry 变更日志条目
+type ChangelogEntry struct {
+	Version string              `json:"version"`
+	Date    string              `json:"date"`
+	Changes map[string][]string `json:"changes"`
+}
+
+// ParseChangelog 解析 CHANGELOG.md 文件
+func ParseChangelog() ([]ChangelogEntry, error) {
+	// 获取项目根目录
+	rootDir := os.Getenv("PROJECT_ROOT")
+	if rootDir == "" {
+		// 使用二进制文件所在目录作为基准
+		execPath, err := os.Executable()
+		if err == nil {
+			rootDir = filepath.Dir(execPath)
+		}
+	}
+
+	changelogPath := filepath.Join(rootDir, "CHANGELOG.md")
+
+	file, err := os.Open(changelogPath)
+	if err != nil {
+		return nil, fmt.Errorf("打开 CHANGELOG.md 失败: %w", err)
+	}
+	defer file.Close()
+
+	var entries []ChangelogEntry
+	var currentEntry *ChangelogEntry
+	var currentCategory string
+
+	scanner := bufio.NewScanner(file)
+	for scanner.Scan() {
+		line := scanner.Text()
+
+		// 匹配版本号行 ## [1.4.0] - 2026-03-23
+		if strings.HasPrefix(line, "## [") && strings.Contains(line, "]") {
+			// 保存前一个 entry
+			if currentEntry != nil {
+				entries = append(entries, *currentEntry)
+			}
+
+			// 解析版本号和日期
+			version, date := parseVersionLine(line)
+			if version != "" && version != "Unreleased" {
+				currentEntry = &ChangelogEntry{
+					Version: version,
+					Date:    date,
+					Changes: make(map[string][]string),
+				}
+				currentCategory = ""
+			} else {
+				currentEntry = nil
+			}
+			continue
+		}
+
+		// 跳过 Unreleased 和其他非版本行
+		if currentEntry == nil {
+			continue
+		}
+
+		// 匹配分类行 ### 新增、### 优化等
+		if strings.HasPrefix(line, "### ") {
+			currentCategory = strings.TrimPrefix(line, "### ")
+			if currentEntry.Changes[currentCategory] == nil {
+				currentEntry.Changes[currentCategory] = []string{}
+			}
+			continue
+		}
+
+		// 匹配项目行 - 项目描述
+		if strings.HasPrefix(line, "- ") && currentCategory != "" {
+			item := strings.TrimPrefix(line, "- ")
+			// 移除加粗标记和链接等
+			item = cleanItem(item)
+			currentEntry.Changes[currentCategory] = append(currentEntry.Changes[currentCategory], item)
+		}
+	}
+
+	// 保存最后一个 entry
+	if currentEntry != nil {
+		entries = append(entries, *currentEntry)
+	}
+
+	if err := scanner.Err(); err != nil {
+		return nil, fmt.Errorf("扫描文件失败: %w", err)
+	}
+
+	return entries, nil
+}
+
+// parseVersionLine 解析版本行 ## [1.4.0] - 2026-03-23
+func parseVersionLine(line string) (version, date string) {
+	// 提取版本号
+	startIdx := strings.Index(line, "[")
+	endIdx := strings.Index(line, "]")
+	if startIdx >= 0 && endIdx > startIdx {
+		version = line[startIdx+1 : endIdx]
+	}
+
+	// 提取日期
+	dateStartIdx := strings.LastIndex(line, "- ") + 2
+	if dateStartIdx > 1 {
+		date = strings.TrimSpace(line[dateStartIdx:])
+	}
+
+	return
+}
+
+// cleanItem 清理项目描述（移除加粗标记等）
+func cleanItem(item string) string {
+	// 移除加粗标记 **text**
+	item = strings.ReplaceAll(item, "**", "")
+	// 移除代码标记 `text`
+	item = strings.ReplaceAll(item, "`", "")
+	return strings.TrimSpace(item)
+}

server/service/changelog_test.go

@@ -0,0 +1,38 @@
+package service
+
+import (
+	"os"
+	"testing"
+)
+
+func TestParseChangelog(t *testing.T) {
+	// 设置项目根目录
+	os.Setenv("PROJECT_ROOT", "../..")
+
+	changelog, err := ParseChangelog()
+	if err != nil {
+		t.Fatalf("ParseChangelog failed: %v", err)
+	}
+
+	if len(changelog) == 0 {
+		t.Fatal("No changelog entries parsed")
+	}
+
+	// 验证第一个条目（应该是 1.4.0）
+	firstEntry := changelog[0]
+	t.Logf("First entry: v%s - %s", firstEntry.Version, firstEntry.Date)
+
+	if firstEntry.Version != "1.4.0" {
+		t.Errorf("Expected first version to be 1.4.0, got %s", firstEntry.Version)
+	}
+
+	if len(firstEntry.Changes) == 0 {
+		t.Error("First entry has no changes")
+	}
+
+	// 打印所有版本
+	t.Logf("Total versions: %d", len(changelog))
+	for _, entry := range changelog {
+		t.Logf("  - v%s: %d categories", entry.Version, len(entry.Changes))
+	}
+}

web/src/lib/api.ts

@@ -5,7 +5,7 @@ import type { UIBill } from '$lib/models/bill';
 // API 配置 - 使用相对路径，由 SvelteKit 代理到后端
 const API_BASE = '';
 
-async function apiFetch(input: RequestInfo | URL, init: RequestInit = {}) {
+export async function apiFetch(input: RequestInfo | URL, init: RequestInit = {}) {
   const headers = new Headers(init.headers);
 
   if (browser) {
@@ -316,6 +316,46 @@ export async function fetchBills(params: FetchBillsParams = {}): Promise<BillsRe
   return response.json();
 }
 
+// 导出账单为 Excel
+export async function exportBills(params: FetchBillsParams = {}): Promise<void> {
+  const searchParams = new URLSearchParams();
+  
+  if (params.start_date) searchParams.set('start_date', params.start_date);
+  if (params.end_date) searchParams.set('end_date', params.end_date);
+  if (params.category) searchParams.set('category', params.category);
+  if (params.type) searchParams.set('type', params.type);
+  if (params.income_expense) searchParams.set('income_expense', params.income_expense);
+  
+  const queryString = searchParams.toString();
+  const url = `${API_BASE}/api/bills/export${queryString ? '?' + queryString : ''}`;
+  
+  const response = await apiFetch(url);
+  
+  if (!response.ok) {
+    throw new Error(`HTTP ${response.status}`);
+  }
+  
+  const blob = await response.blob();
+  const contentDisposition = response.headers.get('Content-Disposition');
+  let filename = `bills_${new Date().toISOString().slice(0, 10)}.xlsx`;
+  
+  if (contentDisposition) {
+    const match = contentDisposition.match(/filename[^;=\n]*=((['"]).*?\2|[^;\n]*)/);
+    if (match && match[1]) {
+      filename = match[1].replace(/['"]/g, '');
+    }
+  }
+  
+  const objectUrl = window.URL.createObjectURL(blob);
+  const a = document.createElement('a');
+  a.href = objectUrl;
+  a.download = filename;
+  document.body.appendChild(a);
+  a.click();
+  document.body.removeChild(a);
+  window.URL.revokeObjectURL(objectUrl);
+}
+
 // 手动输入账单数据
 export interface ManualBillInput {
   time: string;

web/src/lib/components/ChangelogDrawer.svelte

@@ -3,77 +3,48 @@
 	import { Button } from '$lib/components/ui/button';
 	import Calendar from '@lucide/svelte/icons/calendar';
 	import Tag from '@lucide/svelte/icons/tag';
+	import { onMount } from 'svelte';
+	import { apiFetch } from '$lib/api';
 
 	let { open = $bindable(false) } = $props();
 
-	// Changelog 内容（从 CHANGELOG.md 解析或硬编码）
-	const changelog = [
-		{
-			version: '1.3.1',
-			date: '2026-01-26',
-			changes: {
-				优化: [
-					'版本号显示优化 - 侧边栏版本号按钮样式改进',
-					'移至次级导航区域，与其他菜单项样式一致',
-					'更新日志改用 Sheet 组件（右侧滑出），替代底部 Drawer',
-					'统一暗色主题下的视觉效果'
-				]
+	interface ChangelogEntry {
+		version: string;
+		date: string;
+		changes: Record<string, string[]>;
 	}
-		},
-		{
-			version: '1.3.0',
-			date: '2026-01-26',
-			changes: {
-				新增: [
-					'京东账单支持 - 支持京东白条账单上传和清洗',
-					'自动识别京东账单类型（交易流水 ZIP）',
-					'解析京东白条账单 CSV 格式（含还款日期信息）',
-					'京东专属分类映射配置',
-					'支持京东外卖、京东平台商户等商户识别',
-					'上传页面和账单列表页面添加"京东"选项'
-				],
-				优化: [
-					'京东订单智能去重 - 上传京东账单时自动软删除其他来源中的京东订单',
-					'分类推断复核等级优化 - 京东账单引入 LOW 复核等级',
-					'京东平台商户关键词扩展'
-				],
-				技术改进: [
-					'新增京东账单清理器',
-					'新增京东专属配置',
-					'后端新增软删除接口',
-					'新增单元测试（11 个测试用例）'
-				]
+
+	let changelog = $state<ChangelogEntry[]>([]);
+	let isLoading = $state(false);
+	let error = $state<string | null>(null);
+
+	// 获取更新日志
+	async function fetchChangelog() {
+		isLoading = true;
+		error = null;
+		try {
+			const response = await apiFetch('/api/changelog');
+			if (!response.ok) {
+				throw new Error(`HTTP ${response.status}`);
 			}
-		},
-		{
-			version: '1.2.1',
-			date: '2026-01-23',
-			changes: {
-				优化: [
-					'智能复核快捷确认 - 在复核列表每行添加快捷确认按钮',
-					'无需打开详情页面即可确认分类正确',
-					'自动更新统计数据',
-					'提升复核效率，支持快速批量确认'
-				],
-				文档: ['AGENTS.md 更新 - 精简为 150 行，专为 AI 编程助手设计']
+			const data = await response.json();
+			if (data.result && Array.isArray(data.data)) {
+				changelog = data.data;
+			} else {
+				throw new Error('Invalid response format');
 			}
-		},
-		{
-			version: '1.2.0',
-			date: '2026-01-25',
-			changes: {
-				新增: [
-					'账单删除功能 - 支持在账单详情抽屉中删除账单（软删除）',
-					'删除按钮带二次确认，防止误操作',
-					'已删除的账单在所有查询中自动过滤'
-				],
-				技术改进: [
-					'后端 MongoDB 查询方法添加软删除过滤',
-					'新增 DELETE /api/bills/:id 接口'
-				]
+		} catch (err) {
+			error = err instanceof Error ? err.message : 'Failed to fetch changelog';
+			console.error('Failed to fetch changelog:', err);
+		} finally {
+			isLoading = false;
 		}
 	}
-	];
+
+	// 组件挂载时获取数据
+	onMount(() => {
+		fetchChangelog();
+	});
 </script>
 
 <Sheet.Root bind:open>
@@ -86,6 +57,19 @@
 		</Sheet.Header>
 
 	<div class="flex-1 overflow-y-auto py-6">
+		{#if isLoading}
+			<div class="flex items-center justify-center py-8">
+				<div class="text-muted-foreground">加载中...</div>
+			</div>
+		{:else if error}
+			<div class="flex items-center justify-center py-8">
+				<div class="text-destructive text-sm">{error}</div>
+			</div>
+		{:else if changelog.length === 0}
+			<div class="flex items-center justify-center py-8">
+				<div class="text-muted-foreground">暂无更新日志</div>
+			</div>
+		{:else}
 			<div class="space-y-8">
 				{#each changelog as release}
 					<div class="space-y-3">
@@ -120,6 +104,7 @@
 					</div>
 				{/each}
 			</div>
+		{/if}
 	</div>
 
 		<Sheet.Footer class="border-t pt-4">

web/src/lib/components/analysis/BillDetailDrawer.svelte

@@ -263,7 +263,7 @@
         {:else}
           <div>
             <div class="text-center mb-6">
-              <div class="text-3xl font-bold font-mono {record.incomeExpense === '收入' ? 'text-green-600 dark:text-green-400' : 'text-red-600 dark:text-red-400'}">
+              <div class="text-3xl font-bold font-mono {record.incomeExpense === '收入' ? 'text-green-600 dark:text-green-400' : record.incomeExpense === '不计收支' ? 'text-muted-foreground' : 'text-red-600 dark:text-red-400'}">
                 ¥{record.amount.toFixed(2)}
               </div>
               <div class="text-sm text-muted-foreground mt-1">{record.incomeExpense || '支出'}金额</div>

web/src/lib/components/analysis/DailyTrendChart.svelte

@@ -199,6 +199,20 @@
       dayData.set(category, (dayData.get(category) || 0) + amount);
     });
 
+    // 填充缺失的日期（零支出日期）
+    const now = new Date();
+    const allDates: string[] = [];
+    const cursor = new Date(cutoffDate);
+    while (cursor <= now) {
+      allDates.push(formatLocalDate(cursor));
+      cursor.setDate(cursor.getDate() + 1);
+    }
+    allDates.forEach(dateStr => {
+      if (!dailyMap.has(dateStr)) {
+        dailyMap.set(dateStr, new Map());
+      }
+    });
+
     const dayCount = dailyMap.size;
     
     // 根据天数决定聚合粒度

web/src/routes/bills/+page.svelte

@@ -16,6 +16,7 @@
   import { cleanedBillToUIBill, type UIBill } from '$lib/models/bill';
   import { categories } from '$lib/data/categories';
 import { formatLocalDate, formatDateTime } from '$lib/utils';
+import { exportBills } from '$lib/api';
 import Loader2 from '@lucide/svelte/icons/loader-2';
   import AlertCircle from '@lucide/svelte/icons/alert-circle';
   import Search from '@lucide/svelte/icons/search';
@@ -29,6 +30,7 @@
 import RefreshCw from '@lucide/svelte/icons/refresh-cw';
 import Plus from '@lucide/svelte/icons/plus';
 import List from '@lucide/svelte/icons/list';
+import Download from '@lucide/svelte/icons/download';
   
   // 状态
   let isLoading = $state(false);
@@ -221,6 +223,29 @@
       totalIncome = Math.max(0, totalIncome - deleted.amount);
     }
   }
+
+  // 导出 Excel
+  let isExporting = $state(false);
+  let exportError = $state('');
+  
+  async function handleExport() {
+    isExporting = true;
+    exportError = '';
+    
+    try {
+      await exportBills({
+        start_date: startDate || undefined,
+        end_date: endDate || undefined,
+        category: filterCategory || undefined,
+        type: filterBillType || undefined,
+        income_expense: filterIncomeExpense || undefined,
+      });
+    } catch (err) {
+      exportError = err instanceof Error ? err.message : '导出失败';
+    } finally {
+      isExporting = false;
+    }
+  }
 </script>
 
 <svelte:head>
@@ -240,6 +265,10 @@
           <RefreshCw class="mr-2 h-4 w-4 {isLoading ? 'animate-spin' : ''}" />
           刷新
         </Button>
+        <Button variant="outline" onclick={handleExport} disabled={isExporting || totalRecords === 0}>
+          <Download class="mr-2 h-4 w-4 {isExporting ? 'animate-spin' : ''}" />
+          导出 Excel
+        </Button>
       {/if}
     </div>
   </div>