完善Token刷新架构：后端实现refreshToken轮转机制

后端：
- JwtUtil: accessToken 2h + refreshToken 30d，区分type
- AuthController: POST /api/auth/refresh 接口
- AuthService: 验证refreshToken → 轮转生成新token对
- UserService: 登录/注册返回refreshToken
- User entity: 添加refreshToken字段
- TokenFilter: 排除/api/auth/refresh路径
- SQL: sys_user添加refresh_token列

前端：
- DioClient: 刷新成功后同时保存新的refreshToken

flutter_monisuo/lib/core/network/dio_client.dart

@@ -305,8 +305,12 @@ class _TokenRefreshInterceptor extends QueuedInterceptor {
           data['code'] == '0000' &&
           data['data'] != null) {
         final newToken = data['data']['token'] as String?;
+        final newRefreshToken = data['data']['refreshToken'] as String?;
         if (newToken != null) {
           await LocalStorage.saveToken(newToken);
+          if (newRefreshToken != null) {
+            await LocalStorage.saveRefreshToken(newRefreshToken);
+          }
           debugPrint('Token 刷新成功');
           return newToken;
         }