fix: critical bugs from code review

- Add missing stat and sys imports in auth.py
- Fix undefined token_id variable in chelon-service.py by extracting
  it from token string before validation

These bugs would cause NameError at runtime.

Signed-off-by: Scott R. Shinn <scott@atomicorp.com>

Author: atomicturtle

server/auth.py

@@ -3,6 +3,8 @@
 """
 
 import os
+import sys
+import stat
 import json
 import logging
 import hashlib

server/chelon-service.py

@@ -86,6 +86,12 @@ def _handle_signing(operation):
 
     token = auth_header.split(' ', 1)[1]
 
+    # Extract token_id from token string before validation for audit logging
+    # Token format is "token_id:secret"
+    token_id = None
+    if token and ':' in token:
+        token_id = token.split(':', 1)[0]
+    
     try:
         token_info = token_auth.validate_token(token)
     except ValueError as e: