refactor: Remove init_token handling from admin initialization logic and related tests

backend/app/gateway/app.py

@@ -46,18 +46,16 @@ _SHUTDOWN_HOOK_TIMEOUT_SECONDS = 5.0
 
 
 async def _ensure_admin_user(app: FastAPI) -> None:
-    """Startup hook: generate init token on first boot; migrate orphan threads otherwise.
+    """Startup hook: handle first boot and migrate orphan threads otherwise.
 
     After admin creation, migrate orphan threads from the LangGraph
     store (metadata.user_id unset) to the admin account. This is the
     "no-auth → with-auth" upgrade path: users who ran DeerFlow without
     authentication have existing LangGraph thread data that needs an
     owner assigned.
-    First boot (no admin exists):
-      - Generates a one-time ``init_token`` stored in ``app.state.init_token``
-      - Logs the token to stdout so the operator can copy-paste it into the
-        ``/setup`` form to create the first admin account interactively.
-      - Does NOT create any user accounts automatically.
+        First boot (no admin exists):
+            - Does NOT create any user accounts automatically.
+            - The operator must visit ``/setup`` to create the first admin.
 
     Subsequent boots (admin already exists):
       - Runs the one-time "no-auth → with-auth" orphan thread migration for
@@ -68,8 +66,6 @@ async def _ensure_admin_user(app: FastAPI) -> None:
     alongside the auth module via create_all, so freshly created tables
     never contain NULL-owner rows.
     """
-    import secrets
-
     from sqlalchemy import select
 
     from app.gateway.deps import get_local_provider
@@ -80,13 +76,8 @@ async def _ensure_admin_user(app: FastAPI) -> None:
     admin_count = await provider.count_admin_users()
 
     if admin_count == 0:
-        init_token = secrets.token_urlsafe(32)
-        app.state.init_token = init_token
         logger.info("=" * 60)
         logger.info("  First boot detected — no admin account exists.")
-        logger.info("  Use the one-time token below to create the admin account.")
-        logger.info("  Copy it into the /setup form when prompted.")
-        logger.info("  INIT TOKEN: %s", init_token)
         logger.info("  Visit /setup to complete admin account creation.")
         logger.info("=" * 60)
         return
@@ -379,11 +370,6 @@ This gateway provides custom endpoints for models, MCP configuration, skills, an
         """
         return {"status": "healthy", "service": "deer-flow-gateway"}
 
-    # Ensure init_token always exists on app.state (None until lifespan sets it
-    # if no admin is found).  This prevents AttributeError in tests that don't
-    # run the full lifespan.
-    app.state.init_token = None
-
     return app