fix(mp): auth storage 明文回退 + 首页医护跳转防重入

- auth store restore() 增加 storageGet() 回退：_es_ 加密键为空时
  尝试明文键（兼容 MCP 注入等场景），修复 inject_auth 后功能表面化
- Index 首页医护 reLaunch 添加 redirectingRef 防重入，
  避免 DevTools 中重复 reLaunch 导致卡死

apps/miniprogram/src/stores/auth.ts

@@ -3,6 +3,13 @@ import Taro from '@tarojs/taro';
 import * as authApi from '@/services/auth';
 import { secureGet, secureSet, secureRemove } from '@/utils/secure-storage';
 import { clearRequestCache, markLoggingOut, clearLoggingOut, setCachedPatientId } from '@/services/request';
+
+// secureGet fallback: _es_ 加密键为空时尝试明文键（兼容 MCP 注入等场景）
+function storageGet(key: string): string {
+  const val = secureGet(key);
+  if (val) return val;
+  return Taro.getStorageSync(key) || '';
+}
 import { resetAllStores } from './index';
 
 // --- 内存缓存，避免每次 Tab 切换重复 Storage IPC + JSON.parse ---
@@ -81,19 +88,19 @@ export const useAuthStore = create<AuthState>((set, get) => ({
   restore: () => {
     // 利用内存缓存避免重复 Storage IPC + JSON.parse
     try {
-      const userData = secureGet('user_data');
+      const userData = storageGet('user_data');
       if (userData !== cachedUserJson) {
         cachedUserJson = userData;
         cachedUserObj = userData ? JSON.parse(userData) : null;
       }
-      const rolesData = secureGet('user_roles');
+      const rolesData = storageGet('user_roles');
       if (rolesData !== cachedRolesJson) {
         cachedRolesJson = rolesData;
         cachedRolesObj = rolesData ? JSON.parse(rolesData) : [];
       }
     } catch { /* secure storage 不可用时保持默认值 */ }
     try {
-      const patientStr = secureGet('current_patient');
+      const patientStr = storageGet('current_patient');
       let patientRaw = patientStr ? JSON.parse(patientStr) : null;
       const patientJson = patientRaw ? JSON.stringify(patientRaw) : '';
       if (patientJson !== cachedPatientJson) {