security: harden admin password change and production session headers

static/admin/index.html

@@ -5,7 +5,7 @@
     <link rel="icon" type="image/svg+xml" href="./vite.svg" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>后台管理 - 知识管理平台</title>
-    <script type="module" crossorigin src="./assets/index-COtE2fCT.js"></script>
+    <script type="module" crossorigin src="./assets/index-BsqM_wut.js"></script>
     <link rel="modulepreload" crossorigin href="./assets/vendor-vue-CVxSw_oJ.js">
     <link rel="modulepreload" crossorigin href="./assets/vendor-misc-BeoNyvBp.js">
     <link rel="modulepreload" crossorigin href="./assets/vendor-element-B5S5pUKo.js">