fix: Bearer 认证路径增加 JWT 验证（SSO 回调返回的 JWT 走 Bearer 路径）

gpustack/api/auth.py

@@ -104,7 +104,12 @@ async def get_current_user(
         elif bearer_token or x_api_key:
             token = (bearer_token.credentials if bearer_token else None) or x_api_key
             if token is not None:
+                # Try API key first, fall back to JWT token validation
                 user, api_key = await get_user_from_api_token(session, token)
+                if user is None:
+                    # Bearer token might be a JWT (e.g. from SSO callback)
+                    jwt_manager: JWTManager = request.app.state.jwt_manager
+                    user = await get_user_from_jwt_token(session, jwt_manager, token)
 
         if user is None and client_ip_getter(request=request) == "127.0.0.1":
             if not server_config.force_auth_localhost: