refactor(mcp): apply Part 1 review I1+I3+I4+I5

- Rename MCPToken -> Token (mcp.Token reads cleaner; zero external callers yet)
- IssueSystemToken: guard against nil ACPSessionID / UserID (early input validation)
- TokenService: inject now func for clock injection (parity with RateLimiter)
- Repository CHECK constraint tests: assert wrapped CodeInternal

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-05-08 10:28:49 +08:00
parent 980c6fcf0e
commit a00f5a9efd
7 changed files with 106 additions and 65 deletions
+1 -1
View File
@@ -17,7 +17,7 @@ type authCtxKey struct{}
var AuthContextKey = authCtxKey{}
// AuthSession 是中间件解析后注入 ctx 的鉴权快照。
// 不直接暴露 *MCPToken(隐藏 hash 字段,避免下游误用)。
// 不直接暴露 *Token(隐藏 hash 字段,避免下游误用)。
type AuthSession struct {
TokenID string // 用于审计 metadata 写入
UserID string // user_id 字符串形式(避免反复 uuid.UUID -> string 转换)