feat(auth): 实现 Refresh Token 机制

- 新增 Access Token + Refresh Token 双令牌认证
- 支持 Token 自动刷新和轮转
- 添加登出和撤销所有会话接口
- 前端实现无感刷新和主动刷新定时器

frontend/src/views/auth/LinuxDoCallbackView.vue

@@ -71,6 +71,8 @@ onMounted(async () => {
   const params = parseFragmentParams()
 
   const token = params.get('access_token') || ''
+  const refreshToken = params.get('refresh_token') || ''
+  const expiresInStr = params.get('expires_in') || ''
   const redirect = sanitizeRedirectPath(
     params.get('redirect') || (route.query.redirect as string | undefined) || '/dashboard'
   )
@@ -92,6 +94,17 @@ onMounted(async () => {
   }
 
   try {
+    // Store refresh token and expires_at (convert to timestamp) if provided
+    if (refreshToken) {
+      localStorage.setItem('refresh_token', refreshToken)
+    }
+    if (expiresInStr) {
+      const expiresIn = parseInt(expiresInStr, 10)
+      if (!isNaN(expiresIn)) {
+        localStorage.setItem('token_expires_at', String(Date.now() + expiresIn * 1000))
+      }
+    }
+
     await authStore.setToken(token)
     appStore.showSuccess(t('auth.loginSuccess'))
     await router.replace(redirect)