fix(contribution-service): 修复JWT验证与auth-service不兼容

- 移除 type 字段检查 (auth-service 不生成此字段)
- 修复 JwtPayload 接口与 auth-service 生成的 token 结构一致
- 从 payload.sub 获取 accountSequence

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

backend/services/contribution-service/src/shared/guards/jwt-auth.guard.ts

@@ -13,9 +13,9 @@ export const IS_PUBLIC_KEY = 'isPublic';
 export const Public = () => SetMetadata(IS_PUBLIC_KEY, true);
 
 export interface JwtPayload {
-  sub: string;
+  sub: string; // accountSequence
-  accountSequence: string;
+  phone?: string;
-  type: 'access' | 'refresh';
+  source?: string;
   iat: number;
   exp: number;
 }
@@ -49,14 +49,13 @@ export class JwtAuthGuard implements CanActivate {
       const secret = this.configService.get<string>('JWT_SECRET', 'default-secret');
       const payload = jwt.verify(token, secret) as JwtPayload;
 
-      if (payload.type !== 'access') {
-        throw new UnauthorizedException('Invalid token type');
-      }
-
       // 将用户信息附加到请求对象
+      // payload.sub 是 accountSequence (由 auth-service 签发)
       request.user = {
         userId: payload.sub,
-        accountSequence: payload.accountSequence,
+        accountSequence: payload.sub,
+        phone: payload.phone,
+        source: payload.source,
       };
 
       return true;