feat(auth): add recent activity logging to access tracker

* Introduced AccessLogEntry type for logging access details
* Updated AccessTracker to maintain a recent activity log
* Modified Metrics to include recent activity log in response
* Added RecentActivityLog component to display logged activities

internal/app/status.go

@@ -44,9 +44,6 @@ type publicStatusResponse struct {
 func statusSnapshot(info buildinfo.Info, tracker *auth.AccessTracker, oauthEnabled bool, now time.Time) statusAPIResponse {
 	entries := tracker.Snapshot()
 	metrics := tracker.Metrics(20)
-	metrics.TopIPs = nil
-	metrics.TopAgents = nil
-	metrics.TopTools = nil
 	return statusAPIResponse{
 		Title:           "Avelon Memory Crystal Server (AMCS)",
 		Description:     "AMCS is a memory server that captures, links, and retrieves structured project thoughts for AI assistants using semantic search, summaries, and MCP tools.",

internal/app/status_test.go

@@ -58,8 +58,14 @@ func TestStatusSnapshotShowsTrackedAccess(t *testing.T) {
 	if snapshot.Metrics.UniqueTools != 1 {
 		t.Fatalf("Metrics.UniqueTools = %d, want 1", snapshot.Metrics.UniqueTools)
 	}
-	if len(snapshot.Metrics.TopIPs) != 0 || len(snapshot.Metrics.TopAgents) != 0 || len(snapshot.Metrics.TopTools) != 0 {
-		t.Fatalf("Top breakdowns should be hidden in counts-only status: %+v", snapshot.Metrics)
+	if len(snapshot.Metrics.TopIPs) != 1 || len(snapshot.Metrics.TopAgents) != 1 || len(snapshot.Metrics.TopTools) != 1 {
+		t.Fatalf("Top breakdowns not populated: %+v", snapshot.Metrics)
+	}
+	if len(snapshot.Metrics.RecentLog) != 1 {
+		t.Fatalf("RecentLog len = %d, want 1", len(snapshot.Metrics.RecentLog))
+	}
+	if snapshot.Metrics.RecentLog[0].Tool != "list_projects" {
+		t.Fatalf("RecentLog[0].Tool = %q, want %q", snapshot.Metrics.RecentLog[0].Tool, "list_projects")
 	}
 }