
feat: Add AliCloud Drive QR-code login v2 - new secure multi-user concurrent login support, client fingerprint verification, session management with automatic expiration, improved UI experience #14

Merged: PIKACHUIM merged 2 commits into OpenListTeam:main from lansonsam:feature/alicloud-qr-login-v2 on Jun 15, 2025

Conversation

@lansonsam
Member

No description provided.

@lansonsam
Member Author

Overview

This PR introduces AliCloud QR Login v2 functionality with comprehensive security enhancements and improved user experience for the OpenList Token acquisition tool.

Key Features

Security Enhancements

  • Multi-user concurrent login support with session isolation
  • Client fingerprinting for device verification
  • Session management with 30-minute auto-expiration
  • CSRF protection with dynamic token extraction
  • Access control validation with ownership verification
  • Secure session ID generation using timestamp and dual randomization

User Interface Improvements

  • Streamlined interface that auto-hides unnecessary fields in QR v2 mode
  • Real-time status monitoring with 2-second polling intervals
  • Responsive design supporting light/dark theme switching
  • Comprehensive error handling with user feedback
  • Automatic session cleanup post-authentication

Technical Implementation

  • TypeScript implementation with full type safety
  • Modular architecture with dedicated aliui2.ts module
  • Modern modal-based UI design
  • Client fingerprint verification using hardware characteristics
  • Session-based authentication flow

File Changes

  • src/aliui2.ts - New AliCloud QR v2 core module implementation
  • src/index.ts - Added API route handlers for QR v2 endpoints
  • public/index.html - Integrated frontend interface and interaction logic

Security Assessment

The implementation addresses multiple security vectors:

  • Session hijacking prevention through fingerprint validation
  • Concurrent user isolation via unique session management
  • CSRF attack mitigation with dynamic token handling
  • Memory leak prevention through automatic session cleanup
  • Access control enforcement with HTTP 403 responses

API Endpoints

  • GET /alicloud2/generate_qr - QR code generation with session creation
  • GET /alicloud2/check_login - Login status verification
  • GET /alicloud2/get_user_info - User information retrieval
  • GET /alicloud2/logout - Session termination

Testing Coverage

  • Multi-user concurrent access validation
  • Session security verification
  • UI responsiveness across browsers
  • Error handling and recovery mechanisms
  • Cross-platform compatibility testing

Usage Flow

  1. Select "AliCloud QR Login v2" from dropdown
  2. Click "Get Token" to initiate QR generation
  3. Scan QR code using AliCloud mobile application
  4. Confirm authentication on mobile device
  5. Automatic token retrieval and session cleanup

This implementation resolves the session collision vulnerability identified in multi-user scenarios while maintaining backward compatibility with existing authentication methods.

@PIKACHUIM
Member

Your PR will be merged, but it looks like there is quite a lot of code; I will move the JS code from index into a separate file.

@PIKACHUIM PIKACHUIM merged commit 9bf1743 into OpenListTeam:main Jun 15, 2025
