fix: CORS/API 500 issues, switch to native tabbar, restore quick-actions

- Backend: guest UUID format fix, /auth/me guest branch, UUID validation in deps.py, CORS config fix
- Frontend: switch to native tabbar (custom: false), cleanup App.vue, redesign quick-actions with colored icons, conditional wechat login, proxy API requests via Vite

backend/app/api/v1/deps.py

@@ -2,6 +2,7 @@ from fastapi import HTTPException, Depends, Header
 from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
 from app.core.security import decode_token
 from typing import Optional
+import uuid
 
 security = HTTPBearer(auto_error=False)
 
@@ -23,7 +24,16 @@ async def get_current_user_id(
     if not payload:
         raise HTTPException(status_code=401, detail="Invalid or expired token")
 
-    return payload.get("sub")
+    user_id = payload.get("sub")
+    if not user_id:
+        raise HTTPException(status_code=401, detail="Invalid token payload")
+
+    try:
+        uuid.UUID(user_id)
+    except (ValueError, AttributeError):
+        raise HTTPException(status_code=401, detail="Token expired, please login again")
+
+    return user_id
 
 
 async def get_current_user(