fix(admin-web): only logout on explicit 401/403 from refresh endpoint

Previously any refresh failure (network error, service restart, timeout)
would clear localStorage and redirect to /login — kicking active users.
Now only a deliberate token rejection (HTTP 401/403) causes logout.
Transient errors are rejected silently without destroying the session.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

frontend/admin-web/src/infrastructure/http/http.client.ts

@@ -59,11 +59,17 @@ class HttpClient {
           console.log('[HttpClient] Token refreshed, retrying:', originalRequest.url);
           originalRequest.headers.Authorization = `Bearer ${newToken}`;
           return this.client(originalRequest);
-        } catch (refreshErr) {
-          // refresh 也失败 → 清空登录态，跳转登录
-          console.error('[HttpClient] Token refresh failed, redirecting to login:', refreshErr);
-          localStorage.removeItem('gcx-admin-auth');
-          window.location.href = '/login';
+        } catch (refreshErr: any) {
+          // 只有 refresh 接口明确拒绝（401/403）才清除登录态并跳转
+          // 网络错误、超时、服务重启导致的 5xx 不踢出用户
+          const refreshStatus = refreshErr?.response?.status;
+          if (refreshStatus === 401 || refreshStatus === 403) {
+            console.error('[HttpClient] Refresh token rejected, redirecting to login');
+            localStorage.removeItem('gcx-admin-auth');
+            window.location.href = '/login';
+          } else {
+            console.warn('[HttpClient] Token refresh failed (transient error, not logging out):', refreshErr?.message);
+          }
           return Promise.reject(error);
         }
       },