feat: 新增管理后台前端项目及安全加固

refactor(saas): 重构认证中间件与限流策略
- 登录限流调整为5次/分钟/IP
- 注册限流调整为3次/小时/IP
- GET请求不计入限流

fix(saas): 修复调度器时间戳处理
- 使用NOW()替代文本时间戳
- 兼容TEXT和TIMESTAMPTZ列类型

feat(saas): 实现环境变量插值
- 支持${ENV_VAR}语法解析
- 数据库密码支持环境变量注入

chore: 新增前端管理界面
- 基于React+Ant Design Pro
- 包含路由守卫/错误边界
- 对接58个API端点

docs: 更新安全加固文档
- 新增密钥管理规范
- 记录P0安全项审计结果
- 补充TLS终止说明

test: 完善配置解析单元测试
- 新增环境变量插值测试用例

desktop/src-tauri/src/lib.rs

@@ -212,7 +212,6 @@ fn get_platform_binary_names() -> Vec<String> {
 }
 
 /// Legacy: Build staged runtime using Node.js (for backward compatibility)
-#[allow(dead_code)]
 fn build_staged_runtime_legacy(source: &str, root_dir: PathBuf) -> Option<ZclawRuntime> {
     let node_executable = root_dir.join(if cfg!(target_os = "windows") {
         "node.exe"
@@ -973,11 +972,9 @@ fn zclaw_version(app: AppHandle) -> Result<VersionResponse, String> {
 /// Health status enum
 #[derive(Debug, Clone, Serialize)]
 #[serde(rename_all = "lowercase")]
-#[allow(dead_code)] // Reserved for future health check expansion
 enum HealthStatus {
     Healthy,
     Unhealthy,
-    Unknown,
 }
 
 /// Port check result
@@ -1309,6 +1306,9 @@ pub fn run() {
     // Initialize internal ZCLAW Kernel state
     let kernel_state = kernel_commands::create_kernel_state();
 
+    // Initialize Scheduler state (for automatic trigger execution)
+    let scheduler_state = kernel_commands::create_scheduler_state();
+
     // Initialize Pipeline state (DSL-based workflows)
     let pipeline_state = pipeline_commands::create_pipeline_state();
 
@@ -1320,6 +1320,7 @@ pub fn run() {
         .manage(reflection_state)
         .manage(identity_state)
         .manage(kernel_state)
+        .manage(scheduler_state)
         .manage(kernel_commands::SessionStreamGuard::default())
         .manage(pipeline_state)
         .invoke_handler(tauri::generate_handler![