Add username to token validate response

- Include username field in validateResponse struct
- Look up account by UUID and populate username on success
- Add username field to Go client TokenClaims struct
- Fix OpenAPI nullable type syntax (use array form)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

internal/server/server.go

@@ -451,6 +451,7 @@ type validateRequest struct {
 
 type validateResponse struct {
 	Subject   string   `json:"sub,omitempty"`
+	Username  string   `json:"username,omitempty"`
 	ExpiresAt string   `json:"expires_at,omitempty"`
 	Roles     []string `json:"roles,omitempty"`
 	Valid     bool     `json:"valid"`
@@ -490,12 +491,16 @@ func (s *Server) handleTokenValidate(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	writeJSON(w, http.StatusOK, validateResponse{
+	resp := validateResponse{
 		Valid:     true,
 		Subject:   claims.Subject,
 		Roles:     claims.Roles,
 		ExpiresAt: claims.ExpiresAt.Format("2006-01-02T15:04:05Z"),
-	})
+	}
+	if acct, err := s.db.GetAccountByUUID(claims.Subject); err == nil {
+		resp.Username = acct.Username
+	}
+	writeJSON(w, http.StatusOK, resp)
 }
 
 type issueTokenRequest struct {