fix: 修复赠送流程地址归属错误，强制登录后才能填写收货地址

接收者未登录时提交地址会错误保存到赠送者名下，现改为：
- API层：登录态从可选改为必选，未登录返回401
- Service层：始终用提交者ID作为地址归属人

internal/api/user/address_share_submit_public.go

@@ -45,16 +45,20 @@ func (h *handler) SubmitAddressShare() core.HandlerFunc {
 			return
 		}
 
-		// 尝试获取登录用户信息 (可选)
+		// 登录态验证 - 必须登录才能提交（确保地址归属正确）
 		var submitUserID *int64
 		authHeader := ctx.GetHeader("Authorization")
-		if authHeader != "" {
-			// 如果有 Authorization 尝试解析
-			if claims, err := jwtoken.New(configs.Get().JWT.PatientSecret).Parse(authHeader); err == nil {
-				uid := int64(claims.SessionUserInfo.Id)
-				submitUserID = &uid
-			}
+		if authHeader == "" {
+			ctx.AbortWithError(core.Error(http.StatusUnauthorized, 10027, "请先登录后再提交收货地址"))
+			return
 		}
+		claims, claimsErr := jwtoken.New(configs.Get().JWT.PatientSecret).Parse(authHeader)
+		if claimsErr != nil {
+			ctx.AbortWithError(core.Error(http.StatusUnauthorized, 10027, "登录已过期，请重新登录"))
+			return
+		}
+		uid := int64(claims.SessionUserInfo.Id)
+		submitUserID = &uid
 
 		ip := ctx.Request().RemoteAddr
 		// 统一使用 ctx.RequestContext() 包含 context 内容

internal/service/user/address_share.go

@@ -113,12 +113,12 @@ func (s *service) SubmitAddressShare(ctx context.Context, shareToken string, nam
 	s.logger.Info("SubmitAddressShare: Processing", zap.Int64("invID", claims.InventoryID), zap.Int64("owner", claims.OwnerUserID))
 
 	// 1. 确定资产最终归属地 (实名转赠逻辑)
-	targetUserID := claims.OwnerUserID
-	isTransfer := false
-	if submittedByUserID != nil && *submittedByUserID > 0 && *submittedByUserID != claims.OwnerUserID {
-		targetUserID = *submittedByUserID
-		isTransfer = true
+	// 必须登录才能提交，submittedByUserID 由 API 层保证非空
+	if submittedByUserID == nil || *submittedByUserID <= 0 {
+		return 0, fmt.Errorf("login_required")
 	}
+	targetUserID := *submittedByUserID
+	isTransfer := targetUserID != claims.OwnerUserID
 
 	var addrID int64
 	err = s.repo.GetDbW().Transaction(func(tx *gorm.DB) error {