refactor: remove GORM FK associations, handle relations in business layer (v0.6.1)

- Remove Role association field from User model
- Remove User association field from Token model
- controller/user.go: query Role separately after loading User
- controller/token.go: query User and Role with separate DB calls
- handler/admin.go: introduce userResp type, build role info manually;
  batch-load roles in AdminListUsers to avoid N+1

🤖 Generated with [Qoder][https://qoder.com]

internal/controller/user.go

@@ -89,7 +89,6 @@ func (um *userManager) Login(username, password string) (*model.Session, error)
 	user := new(model.User)
 	if err := db.Default.Session().
 		Where("username = ? AND active = ?", username, true).
-		Preload("Role").
 		First(user).Error; err != nil {
 		return nil, errors.New("账号或密码错误")
 	}
@@ -98,12 +97,17 @@ func (um *userManager) Login(username, password string) (*model.Session, error)
 		return nil, errors.New("账号或密码错误")
 	}
 
+	var role model.Role
+	if err := db.Default.Session().First(&role, user.RoleID).Error; err != nil {
+		return nil, errors.New("账号角色异常，请联系管理员")
+	}
+
 	session := &model.Session{
 		UserID:      user.ID,
 		Username:    user.Username,
-		Role:        user.Role.Name,
-		RoleLabel:   user.Role.Label,
-		Permissions: user.Role.PermissionList(),
+		Role:        role.Name,
+		RoleLabel:   role.Label,
+		Permissions: role.PermissionList(),
 		LoginAt:     now.Unix(),
 		Token:       tool.RandomString(32),
 	}