feat(usage): add support for access token and user ID in usage scripts

Add optional accessToken and userId fields to usage query scripts,
enabling queries to authenticated endpoints like /api/user/self.

Changes:
- Add accessToken and userId fields to UsageScript type (frontend & backend)
- Extend script engine to support {{accessToken}} and {{userId}} placeholders
- Update NewAPI preset template to use /api/user/self endpoint
- Add UI inputs for access token and user ID in UsageScriptModal
- Pass new parameters through service layer to script executor

This allows users to query usage data from endpoints that require
login credentials, providing more accurate balance information for
services like NewAPI/OneAPI platforms.

src-tauri/src/provider.rs

@@ -63,6 +63,14 @@ pub struct UsageScript {
     pub code: String,
     #[serde(skip_serializing_if = "Option::is_none")]
     pub timeout: Option<u64>,
+    /// 访问令牌（用于需要登录的接口）
+    #[serde(skip_serializing_if = "Option::is_none")]
+    #[serde(rename = "accessToken")]
+    pub access_token: Option<String>,
+    /// 用户ID（用于需要用户标识的接口）
+    #[serde(skip_serializing_if = "Option::is_none")]
+    #[serde(rename = "userId")]
+    pub user_id: Option<String>,
 }
 
 /// 用量数据

src-tauri/src/services/provider.rs

@@ -717,7 +717,7 @@ impl ProviderService {
         app_type: AppType,
         provider_id: &str,
     ) -> Result<UsageResult, AppError> {
-        let (provider, script_code, timeout) = {
+        let (provider, script_code, timeout, access_token, user_id) = {
             let config = state.config.read().map_err(AppError::from)?;
             let manager = config
                 .get_manager(&app_type)
@@ -727,7 +727,7 @@ impl ProviderService {
                 .get(provider_id)
                 .cloned()
                 .ok_or_else(|| AppError::ProviderNotFound(provider_id.to_string()))?;
-            let (script_code, timeout) = {
+            let (script_code, timeout, access_token, user_id) = {
                 let usage_script = provider
                     .meta
                     .as_ref()
@@ -749,15 +749,26 @@ impl ProviderService {
                 (
                     usage_script.code.clone(),
                     usage_script.timeout.unwrap_or(10),
+                    usage_script.access_token.clone(),
+                    usage_script.user_id.clone(),
                 )
             };
 
-            (provider, script_code, timeout)
+            (provider, script_code, timeout, access_token, user_id)
         };
 
         let (api_key, base_url) = Self::extract_credentials(&provider, &app_type)?;
 
-        match usage_script::execute_usage_script(&script_code, &api_key, &base_url, timeout).await {
+        match usage_script::execute_usage_script(
+            &script_code,
+            &api_key,
+            &base_url,
+            timeout,
+            access_token.as_deref(),
+            user_id.as_deref(),
+        )
+        .await
+        {
             Ok(data) => {
                 let usage_list: Vec<UsageData> = if data.is_array() {
                     serde_json::from_value(data)

src-tauri/src/usage_script.rs

@@ -12,12 +12,22 @@ pub async fn execute_usage_script(
     api_key: &str,
     base_url: &str,
     timeout_secs: u64,
+    access_token: Option<&str>,
+    user_id: Option<&str>,
 ) -> Result<Value, AppError> {
     // 1. 替换变量
-    let replaced = script_code
+    let mut replaced = script_code
         .replace("{{apiKey}}", api_key)
         .replace("{{baseUrl}}", base_url);
 
+    // 替换 accessToken 和 userId
+    if let Some(token) = access_token {
+        replaced = replaced.replace("{{accessToken}}", token);
+    }
+    if let Some(uid) = user_id {
+        replaced = replaced.replace("{{userId}}", uid);
+    }
+
     // 2. 在独立作用域中提取 request 配置（确保 Runtime/Context 在 await 前释放）
     let request_config = {
         let runtime =