fix(auth): 将 JWT access token 有效期从 15m 改为 24h

上传大文件（如 53.7MB APK/IPA）时，若 access token 在上传过程中
到期，服务端返回 401，导致前端被迫重传整个文件（极差 UX）。
实际业务场景下 15m 过短，统一改为 24h。

涉及文件：
- backend/services/auth-service/src/application/services/token.service.ts
- backend/services/auth-service/src/auth.module.ts
- backend/services/auth-service/.env.example
- backend/.env.example
- backend/docker-compose.yml（两处）
- backend/deploy.sh
- frontend/admin-web/src/views/compliance/IpoReadinessPage.tsx（移除废弃 insuranceData）

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

backend/.env.example

@@ -20,7 +20,7 @@ KAFKA_BROKERS=kafka:9092
 
 # --- JWT ---
 JWT_ACCESS_SECRET=dev-access-secret-change-in-production
-JWT_ACCESS_EXPIRY=15m
+JWT_ACCESS_EXPIRY=24h
 JWT_REFRESH_SECRET=dev-refresh-secret-change-in-production
 JWT_REFRESH_EXPIRY=7d
 

backend/deploy.sh

@@ -144,7 +144,7 @@ KAFKA_BROKERS=kafka:9092
 
 # JWT
 JWT_ACCESS_SECRET=${JWT_ACCESS}
-JWT_ACCESS_EXPIRY=15m
+JWT_ACCESS_EXPIRY=24h
 JWT_REFRESH_SECRET=${JWT_REFRESH}
 JWT_REFRESH_EXPIRY=7d
 

backend/docker-compose.yml

@@ -177,7 +177,7 @@ services:
       - REDIS_PORT=6379
       - KAFKA_BROKERS=kafka:9092
       - JWT_ACCESS_SECRET=dev-access-secret-change-in-production
-      - JWT_ACCESS_EXPIRY=15m
+      - JWT_ACCESS_EXPIRY=24h
       - JWT_REFRESH_SECRET=dev-refresh-secret-change-in-production
       - JWT_REFRESH_EXPIRY=7d
     depends_on:
@@ -494,7 +494,7 @@ services:
       - REDIS_PORT=6379
       - KAFKA_BROKERS=kafka:9092
       - JWT_ACCESS_SECRET=dev-access-secret-change-in-production
-      - JWT_ACCESS_EXPIRY=15m
+      - JWT_ACCESS_EXPIRY=24h
       - JWT_REFRESH_SECRET=dev-refresh-secret-change-in-production
       - JWT_REFRESH_EXPIRY=7d
       - SMS_ENABLED=${SMS_ENABLED:-false}

backend/services/auth-service/.env.example

@@ -11,7 +11,7 @@ REDIS_PORT=6379
 
 # ── JWT ──
 JWT_ACCESS_SECRET=dev-access-secret-change-in-production
-JWT_ACCESS_EXPIRY=15m
+JWT_ACCESS_EXPIRY=24h
 JWT_REFRESH_SECRET=dev-refresh-secret-change-in-production
 JWT_REFRESH_EXPIRY=7d
 

backend/services/auth-service/src/application/services/token.service.ts

@@ -24,7 +24,7 @@ export class TokenService {
   ) {
     this.accessSecret = process.env.JWT_ACCESS_SECRET || 'dev-access-secret';
     this.refreshSecret = process.env.JWT_REFRESH_SECRET || 'dev-refresh-secret';
-    this.accessExpiry = process.env.JWT_ACCESS_EXPIRY || '15m';
+    this.accessExpiry = process.env.JWT_ACCESS_EXPIRY || '24h';
     this.refreshExpiry = process.env.JWT_REFRESH_EXPIRY || '7d';
   }
 

backend/services/auth-service/src/auth.module.ts

@@ -77,7 +77,7 @@ import { AdminSmsController } from './interface/http/controllers/admin-sms.contr
     PassportModule.register({ defaultStrategy: 'jwt' }),
     JwtModule.register({
       secret: process.env.JWT_ACCESS_SECRET || 'dev-access-secret',
-      signOptions: { expiresIn: process.env.JWT_ACCESS_EXPIRY || '15m' },
+      signOptions: { expiresIn: process.env.JWT_ACCESS_EXPIRY || '24h' },
     }),
   ],
   controllers: [AuthController, AdminSmsController],

frontend/admin-web/src/views/compliance/IpoReadinessPage.tsx

@@ -48,7 +48,6 @@ const statusConfig: Record<string, { label: () => string; bg: string; fg: string
 
 export const IpoReadinessPage: React.FC = () => {
   const { data: ipoData, isLoading, error } = useApi<IpoData>('/api/v1/admin/compliance/reports');
-  const { data: insuranceData } = useApi<{ ipoReadiness: number }>('/api/v1/admin/insurance/stats');
 
   if (error) return <div style={loadingBox}>Error: {error.message}</div>;
   if (isLoading) return <div style={loadingBox}>Loading...</div>;