feat: 实现 Auth 全局状态机与 401 统一处理机制

- 新增 AuthSessionInvalidated 事件处理 token 失效场景
- ApiInterceptor 新增 authFailureCallback 单飞机制
- AuthBloc 区分 manual logout 与 auto expiry 语义
- 新增 startup recovery fallback 防止启动卡死

feat: 重构 Calendar DayWeek 视图事件布局引擎

- 新增 DayEventLayoutEngine 解耦事件计算与渲染
- 新增 DayTimelineMetrics 统一时间轴常量
- 新增 DayViewScale 支持捏合缩放

feat: 新增 Settings 页面共享 UI 组件

- 新增 BackTitlePageHeader 统一页面 header
- 新增 DetailHeaderActionMenu 统一操作菜单
- 新增 DestructiveActionSheet 统一删除确认
- 新增 AppToggleSwitch 统一开关组件

feat: Chat UI Schema 支持导航操作

- 支持 navigation 类型 action 触发内部路由跳转
- 新增路径验证与参数处理

chore: 更新相关测试覆盖 auth 失效路径

apps/AGENTS.md

@@ -28,6 +28,19 @@ This document defines **hard constraints** for Flutter mobile development. Treat
 - **MUST NOT** introduce parallel UI systems (e.g., custom button styles, custom loading indicators) that duplicate existing shared components.
 - When creating new UI components, ensure they follow the design tokens and visual design language.
 
+## 2.1) Navigation/Header Reuse Rules (MUST)
+
+- For page groups with clear parent-child relationships (e.g., Settings and its subpages), **MUST** use one shared header pattern: back button + page title.
+- **MUST** extract shared page scaffolds/header wrappers instead of duplicating `SafeArea + header + scroll` structures across sibling pages.
+- Detail-page right-side actions (edit/delete/share etc.) **MUST** use a shared action-menu component, not per-page ad-hoc button groups.
+- Header action menus **MUST NOT** overlap the trigger button area; menu surfaces should open below/right-aligned to the trigger and preserve title readability.
+
+## 2.2) Interaction Surface Reuse Rules (MUST)
+
+- Repeated state-switch controls (toggle/switch UI) **MUST** be extracted into shared widgets.
+- Destructive confirmations (delete/remove) **MUST** use shared project-style confirmation surfaces (e.g., unified action sheet), not platform-default dialog styles.
+- **MUST NOT** use raw platform-default popup/dialog/dropdown visuals when they break project visual language; use token-driven shared components instead.
+
 ## 3) Layout Mapping & Alignment (MUST)
 
 - **MUST** explicitly set `crossAxisAlignment` for every `Row` / `Column` (do not rely on defaults).
@@ -118,3 +131,24 @@ Before finalizing any UI, mentally verify:
 - Does the screen feel calm and premium?
 - Is the assistant identity visually present?
 - Would this look plausible in a polished shipping app?
+
+## 9) Auth Global Module Rules (MUST)
+
+Auth is a global module. All auth/session behavior MUST follow a single state machine.
+
+- **MUST** treat `AuthBloc` as the single source of truth for authentication state.
+- **MUST NOT** implement ad-hoc auth state in feature modules (no parallel flags, no local auth caches).
+- **MUST** route all 401 refresh-failure handling through the global callback chain:
+  `ApiInterceptor -> ApiClient auth failure callback -> AuthBloc(AuthSessionInvalidated)`.
+- **MUST NOT** clear tokens directly inside feature/page code.
+- **MUST NOT** navigate to login directly from feature code on token errors; rely on router redirect driven by global auth state.
+- **MUST** distinguish logout semantics:
+  - manual logout: revoke server session + clear local session
+  - auto expiry/logout on refresh failure: clear local session only
+- **MUST** ensure startup session recovery has exception fallback and never leaves app stuck in boot/loading state.
+- **MUST** add/maintain tests for:
+  - startup recovery fallback
+  - concurrent 401 refresh failure singleflight
+  - session invalidation -> unauthenticated redirect path
+
+If a new auth-related requirement cannot fit this model, update this section first, then implement code.