refactor(auth): remove unused ObjectMapper from JwtAuthInterceptor

- Drop ObjectMapper dependency that was no longer needed
- Simplify KDoc to remove redundant format details
- Reorder imports alphabetically

src/main/kotlin/com/msksbr/bookmgr/interceptor/JwtAuthInterceptor.kt

@@ -1,11 +1,10 @@
 package com.msksbr.bookmgr.interceptor
 
-import com.fasterxml.jackson.databind.ObjectMapper
 import com.msksbr.bookmgr.config.JwtUtils
 import com.msksbr.bookmgr.script.log
-import com.msksbr.bookmgr.template.Result
 import jakarta.servlet.http.HttpServletRequest
 import jakarta.servlet.http.HttpServletResponse
+import org.springframework.http.HttpStatus
 import org.springframework.stereotype.Component
 import org.springframework.web.servlet.HandlerInterceptor
 
@@ -13,17 +12,16 @@ import org.springframework.web.servlet.HandlerInterceptor
 * JWT 鉴权拦截器
 * 在每个受保护的 API 请求到达 Controller 之前执行，从 Authorization 头提取并校验 JWT
 *
-* 校验失败时直接返回 401 JSON 响应（使用 Result.unauthorized），请求不会到达 Controller
+* 校验失败时直接返回 401 JSON 响应（使用 Result.unauthorized 格式），请求不会到达 Controller
 * 校验成功后从 token 中提取 username 和 role，写入 request attribute，后续可通过 @RequestAttribute 获取
 *
-* 返回体格式（与 Result.unauthorized 一致）：
+* 返回体格式：
 *   {"code":401,"message":"Missing Authorization header"}
 *   {"code":401,"message":"Invalid token format"}
 *   {"code":401,"message":"Token invalid or expired"}
 */
 @Component
 class JwtAuthInterceptor(
-    private val objectMapper: ObjectMapper,
     private val jwtUtils: JwtUtils
 ) : HandlerInterceptor {
 
@@ -34,19 +32,19 @@ class JwtAuthInterceptor(
     ): Boolean {
         // 1. 检查 Authorization 头是否存在
         val authHeader = request.getHeader("Authorization") ?: run {
-            writeJson(response, Result.unauthorized("Missing Authorization header"))
+            writeUnauthorized(response, "Missing Authorization header")
             return false
         }
         // 2. 检查前缀是否为 "Bearer "
         if (!authHeader.startsWith("Bearer ")) {
-            writeJson(response, Result.unauthorized("Invalid token format"))
+            writeUnauthorized(response, "Invalid token format")
             return false
         }
         // 3. 解析并验证 token
         val token = authHeader.removePrefix("Bearer ")
         val claims = jwtUtils.parseToken(token)
         if (claims == null) {
-            writeJson(response, Result.unauthorized("Token invalid or expired"))
+            writeUnauthorized(response, "Token invalid or expired")
             return false
         }
         // 4. 校验通过，用户信息写入 request attribute
@@ -57,11 +55,11 @@ class JwtAuthInterceptor(
     }
 
     /*
-    * 写入 401 响应，使用 ObjectMapper 序列化保证与 Controller 一致的 JSON 格式（snake_case / non_null 等）
+    * 写入 401 响应，message 字段按 JSON 字符串规范转义
     */
-    private fun writeJson(response: HttpServletResponse, result: Result<*>) {
-        response.status = HttpServletResponse.SC_UNAUTHORIZED
+    private fun writeUnauthorized(response: HttpServletResponse, message: String) {
+        response.status = HttpStatus.UNAUTHORIZED.value()
         response.contentType = "application/json;charset=UTF-8"
-        objectMapper.writeValue(response.writer, result)
+        response.writer.write("""{"code":401,"message":"${message.replace("\\", "\\\\").replace("\"", "\\\"")}"}""")
     }
 }