fix：修复重连状态与认证流程关键缺陷

scenes/Maps/BaseLevel.gd

@@ -61,8 +61,12 @@ var _player_spawned: bool = false # Track if local player has been spawned
 var _local_player: Node = null # Reference to the local player node
 var _position_update_timer: float = 0.0 # Throttle timer for position updates
 var _current_session_id: String = "" # Cache session ID to avoid race condition on exit
+var _is_joining_session: bool = false
 const POSITION_UPDATE_INTERVAL: float = 0.125 # Send at most 8 times per second
 const PRIVATE_SCENES = ["room"] # List of scenes that should be private instances
+var _join_token_poll_interval: float = 0.5
+var _join_token_wait_timeout: float = 15.0
+var _join_player_wait_timeout_frames: int = 300
 
 func _on_session_joined(data: Dictionary):
 	# 对账远程玩家列表，使用 position.mapId 过滤
@@ -199,26 +203,51 @@ func _update_remote_player_position(user: Dictionary):
 			player.update_position(Vector2(pos.x, pos.y))
 
 func _join_session_with_player(session_id: String):
-	# 检查是否有Token，如果没有则等待
-	if LocationManager._auth_token == "":
-		# 轮询等待Token就绪 (简单重试机制)
-		await get_tree().create_timer(0.5).timeout
-		_join_session_with_player(session_id)
+	if _is_joining_session:
 		return
 
-	# 等待玩家生成完毕
-	if not _player_spawned or not _local_player:
+	_is_joining_session = true
+
+	# 检查是否有 Token，没有则轮询等待（带超时）
+	var token_wait_elapsed: float = 0.0
+	while LocationManager._auth_token == "":
+		if not is_inside_tree():
+			_is_joining_session = false
+			return
+		if token_wait_elapsed >= _join_token_wait_timeout:
+			push_warning("BaseLevel: 等待认证 Token 超时，取消加入会话 %s" % session_id)
+			_is_joining_session = false
+			return
+		await get_tree().create_timer(_join_token_poll_interval).timeout
+		token_wait_elapsed += _join_token_poll_interval
+
+	# 等待玩家生成完毕（带帧数上限）
+	var wait_frames: int = 0
+	while not _player_spawned or not _local_player:
+		if not is_inside_tree():
+			_is_joining_session = false
+			return
+		if wait_frames >= _join_player_wait_timeout_frames:
+			push_warning("BaseLevel: 等待本地玩家就绪超时，取消加入会话 %s" % session_id)
+			_is_joining_session = false
+			return
 		await get_tree().process_frame
-		_join_session_with_player(session_id)
+		wait_frames += 1
+
+	if not is_instance_valid(_local_player):
+		push_warning("BaseLevel: 本地玩家无效，取消加入会话 %s" % session_id)
+		_is_joining_session = false
 		return
 
-	var pos = _local_player.global_position if is_instance_valid(_local_player) else Vector2.ZERO
-
+	var pos = _local_player.global_position
 	LocationManager.join_session(session_id, pos)
 
 	# 进入会话后立即同步一次位置
 	await get_tree().create_timer(0.1).timeout
-	LocationManager.send_position_update(session_id, pos)
+	if is_inside_tree():
+		LocationManager.send_position_update(session_id, pos)
+
+	_is_joining_session = false
 
 func _process(delta):
 	# 发送位置更新 (节流机制)

scenes/ui/AuthScene.gd

@@ -91,6 +91,7 @@ var toast_manager: ToastManager
 
 # 验证码冷却计时器
 var cooldown_timer: Timer = null
+var cooldown_email: String = ""
 
 # 当前登录模式（从管理器同步）
 var current_login_mode: AuthManager.LoginMode = AuthManager.LoginMode.PASSWORD
@@ -291,9 +292,6 @@ func _on_register_pressed():
 func _on_send_code_pressed():
 	var email = register_email.text.strip_edges()
 	auth_manager.send_email_verification_code(email)
-	
-	# 开始冷却计时器
-	_start_cooldown_timer(email)
 
 # 获取登录验证码按钮
 func _on_get_login_code_pressed():
@@ -374,8 +372,10 @@ func _on_controller_register_failed(_message: String):
 
 # 验证码发送成功处理
 func _on_controller_verification_code_sent(_message: String):
-	# 验证码发送成功，冷却计时器已经在按钮点击时启动
-	pass
+	var email = auth_manager.current_email
+	if email == "":
+		email = register_email.text.strip_edges()
+	_start_cooldown_timer(email)
 
 # 验证码发送失败处理
 func _on_controller_verification_code_failed(_message: String):
@@ -429,12 +429,20 @@ func _on_controller_show_toast_message(message: String, is_success: bool):
 # ============ 验证码冷却管理 ============
 
 # 开始冷却计时器
-func _start_cooldown_timer(_email: String):
+func _start_cooldown_timer(email: String):
 	if cooldown_timer != null:
 		cooldown_timer.queue_free()
+		cooldown_timer = null
+
+	cooldown_email = email
+	if cooldown_email == "":
+		cooldown_email = register_email.text.strip_edges()
 	
 	send_code_btn.disabled = true
-	send_code_btn.text = "重新发送(60)"
+	var remaining_time = auth_manager.get_remaining_cooldown_time(cooldown_email)
+	if remaining_time <= 0:
+		remaining_time = 60
+	send_code_btn.text = "重新发送(%d)" % remaining_time
 	
 	cooldown_timer = Timer.new()
 	add_child(cooldown_timer)
@@ -444,7 +452,8 @@ func _start_cooldown_timer(_email: String):
 
 # 冷却计时器超时处理
 func _on_cooldown_timer_timeout():
-	var remaining_time = auth_manager.get_remaining_cooldown_time(register_email.text.strip_edges())
+	var email = cooldown_email if cooldown_email != "" else register_email.text.strip_edges()
+	var remaining_time = auth_manager.get_remaining_cooldown_time(email)
 	
 	if remaining_time > 0:
 		send_code_btn.text = "重新发送(%d)" % remaining_time
@@ -462,6 +471,7 @@ func _reset_verification_button():
 		cooldown_timer.queue_free()
 		cooldown_timer = null
 	
+	cooldown_email = ""
 	send_code_btn.disabled = false
 	send_code_btn.text = "发送验证码"