refactor(db): 移除无意义 actor，修复 history 多租户与模型

- 删除 entries_history / audit_log / secrets_history 的 actor 列及写入逻辑
- MCP secrets_history 透传当前 user_id
- Entry 增加 user_id，search 查询不再用伪 UUID
- 迁移：保留 users.api_key，从 api_keys 表回退时生成新明文 key 并删表
- 文档：audit_log auth 语义、API Key 存储说明

Made-with: Cursor

crates/secrets-mcp/src/tools.rs

@@ -473,15 +473,16 @@ impl SecretsService {
     async fn secrets_history(
         &self,
         Parameters(input): Parameters<HistoryInput>,
-        _ctx: RequestContext<RoleServer>,
+        ctx: RequestContext<RoleServer>,
     ) -> Result<CallToolResult, rmcp::ErrorData> {
+        let user_id = Self::user_id_from_ctx(&ctx)?;
         let result = svc_history(
             &self.pool,
             &input.namespace,
             &input.kind,
             &input.name,
             input.limit.unwrap_or(20),
-            None,
+            user_id,
         )
         .await
         .map_err(|e| rmcp::ErrorData::internal_error(e.to_string(), None))?;

crates/secrets-mcp/src/web.rs

@@ -321,11 +321,6 @@ where
             StatusCode::INTERNAL_SERVER_ERROR
         })?;
 
-    // Ensure the user has an API key (auto-creates on first login).
-    if let Err(e) = ensure_api_key(&state.pool, user.id).await {
-        tracing::warn!(error = %e, "failed to ensure api key for user");
-    }
-
     session
         .insert(SESSION_USER_ID, user.id.to_string())
         .await
@@ -642,6 +637,7 @@ fn render_template<T: Template>(tmpl: T) -> Result<Response, StatusCode> {
 }
 
 fn format_audit_target(namespace: &str, kind: &str, name: &str) -> String {
+    // Auth events reuse kind/name as a provider-scoped target, not an entry identity.
     if namespace == "auth" {
         format!("{}/{}", kind, name)
     } else {