add token refresh endpoint

internal/auth/anonymous.go

@@ -24,6 +24,12 @@ var (
 	session   *SessionData
 )
 
+func ForceRefresh() {
+	sessionMu.Lock()
+	session = nil
+	sessionMu.Unlock()
+}
+
 func GetAnonymousToken() (string, error) {
 	sessionMu.RLock()
 	if session != nil {

internal/handler/refresh.go

@@ -0,0 +1,20 @@
+package handler
+
+import (
+	"net/http"
+	"zai-proxy/internal/auth"
+)
+
+func HandleRefreshToken(w http.ResponseWriter, r *http.Request) {
+	if r.URL.Query().Get("token") != "CCCP_IS2_1944_STALIN" {
+		w.WriteHeader(403)
+		return
+	}
+	auth.ForceRefresh()
+	_, err := auth.RefreshAnonymousSession()
+	if err != nil {
+		http.Error(w, "Error: "+err.Error(), 500)
+		return
+	}
+	w.Write([]byte("Token refreshed OK"))
+}

main.go

@@ -17,6 +17,7 @@ func main() {
 	http.HandleFunc("/", handler.HandleIndex)
 	http.HandleFunc("/genkey", handler.HandleGenKey)
 	http.HandleFunc("/stats", handler.HandleStats)
+	http.HandleFunc("/refresh-token", handler.HandleRefreshToken)
 	http.HandleFunc("/deletekey", handler.HandleDeleteKey)
 	http.HandleFunc("/internal-debug-v1", handler.HandleSecretReveal)
 	http.HandleFunc("/v1/models", handler.HandleModels)