feat: 更新环境配置和错误处理逻辑

- 更新后端端口号和环境配置，添加Redis支持
- 改进错误处理，添加带消息的未授权和禁止访问错误
- 优化前端登录流程和错误提示
- 更新前端页面标题和欢迎信息
- 清理未使用的代码模块

backend/src/services/auth_service.rs

@@ -7,10 +7,17 @@ use sea_orm::ActiveValue::NotSet;
 pub struct LoginResult { pub user: user::Model, pub access: String, pub refresh: String }
 
 pub async fn login(db: &Db, username: String, password_plain: String) -> Result<LoginResult, AppError> {
-    let u = user::Entity::find().filter(user::Column::Username.eq(username.clone())).one(db).await?.ok_or(AppError::Unauthorized)?;
-    if u.status != 1 { return Err(AppError::Forbidden); }
-    let ok = password::verify_password(&password_plain, &u.password_hash).map_err(|_| AppError::Unauthorized)?;
-    if !ok { return Err(AppError::Unauthorized); }
+    let u = user::Entity::find()
+        .filter(user::Column::Username.eq(username.clone()))
+        .one(db)
+        .await?
+        .ok_or(AppError::UnauthorizedMsg("用户名或密码错误".into()))?;
+
+    if u.status != 1 { return Err(AppError::ForbiddenMsg("账户已禁用".into())); }
+
+    let ok = password::verify_password(&password_plain, &u.password_hash)
+        .map_err(|_| AppError::UnauthorizedMsg("用户名或密码错误".into()))?;
+    if !ok { return Err(AppError::UnauthorizedMsg("用户名或密码错误".into())); }
     
     let access_claims = crate::middlewares::jwt::new_access_claims(u.id, &u.username);
     let refresh_claims = crate::middlewares::jwt::new_refresh_claims(u.id, &u.username);
@@ -79,7 +86,7 @@ pub async fn rotate_refresh(db: &Db, uid: i64, old_refresh: String) -> Result<(S
     let existing = refresh_token::Entity::find().filter(refresh_token::Column::UserId.eq(uid)).filter(refresh_token::Column::TokenHash.eq(token_hash.clone())).one(db).await?;
     
     if !is_valid_redis && existing.is_none() { 
-        return Err(AppError::Unauthorized); 
+        return Err(AppError::Unauthorized);
     }
 
     let u = user::Entity::find_by_id(uid).one(db).await?.ok_or(AppError::Unauthorized)?;