refactor: align codebase with EventCrew domain and trim legacy band stack

- Update API: events, users, policies, routes, resources, migrations
- Remove deprecated models/resources (customers, setlists, invitations, etc.)
- Refresh admin app and docs; remove apps/band

Made-with: Cursor

api/tests/Feature/Auth/LoginTest.php

@@ -0,0 +1,52 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tests\Feature\Auth;
+
+use App\Models\User;
+use Illuminate\Foundation\Testing\RefreshDatabase;
+use Tests\TestCase;
+
+class LoginTest extends TestCase
+{
+    use RefreshDatabase;
+
+    public function test_user_can_login_with_valid_credentials(): void
+    {
+        $user = User::factory()->create();
+
+        $response = $this->postJson('/api/v1/auth/login', [
+            'email' => $user->email,
+            'password' => 'password',
+        ]);
+
+        $response->assertOk()
+            ->assertJsonStructure([
+                'success',
+                'data' => ['user' => ['id', 'name', 'email'], 'token'],
+                'message',
+            ])
+            ->assertJson(['success' => true]);
+    }
+
+    public function test_login_fails_with_invalid_credentials(): void
+    {
+        $user = User::factory()->create();
+
+        $response = $this->postJson('/api/v1/auth/login', [
+            'email' => $user->email,
+            'password' => 'wrong-password',
+        ]);
+
+        $response->assertUnauthorized();
+    }
+
+    public function test_login_requires_email_and_password(): void
+    {
+        $response = $this->postJson('/api/v1/auth/login', []);
+
+        $response->assertUnprocessable()
+            ->assertJsonValidationErrors(['email', 'password']);
+    }
+}

api/tests/Feature/Auth/LogoutTest.php

@@ -0,0 +1,33 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tests\Feature\Auth;
+
+use App\Models\User;
+use Illuminate\Foundation\Testing\RefreshDatabase;
+use Laravel\Sanctum\Sanctum;
+use Tests\TestCase;
+
+class LogoutTest extends TestCase
+{
+    use RefreshDatabase;
+
+    public function test_authenticated_user_can_logout(): void
+    {
+        $user = User::factory()->create();
+        Sanctum::actingAs($user);
+
+        $response = $this->postJson('/api/v1/auth/logout');
+
+        $response->assertOk()
+            ->assertJson(['success' => true]);
+    }
+
+    public function test_unauthenticated_user_cannot_logout(): void
+    {
+        $response = $this->postJson('/api/v1/auth/logout');
+
+        $response->assertUnauthorized();
+    }
+}

api/tests/Feature/Auth/MeTest.php

@@ -0,0 +1,45 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tests\Feature\Auth;
+
+use App\Models\Organisation;
+use App\Models\User;
+use Illuminate\Foundation\Testing\RefreshDatabase;
+use Laravel\Sanctum\Sanctum;
+use Tests\TestCase;
+
+class MeTest extends TestCase
+{
+    use RefreshDatabase;
+
+    public function test_authenticated_user_can_get_profile(): void
+    {
+        $user = User::factory()->create();
+        $organisation = Organisation::factory()->create();
+        $organisation->users()->attach($user, ['role' => 'org_admin']);
+
+        Sanctum::actingAs($user);
+
+        $response = $this->getJson('/api/v1/auth/me');
+
+        $response->assertOk()
+            ->assertJsonStructure([
+                'success',
+                'data' => [
+                    'id', 'name', 'email', 'timezone', 'locale',
+                    'organisations',
+                ],
+            ]);
+
+        $this->assertCount(1, $response->json('data.organisations'));
+    }
+
+    public function test_unauthenticated_user_cannot_get_profile(): void
+    {
+        $response = $this->getJson('/api/v1/auth/me');
+
+        $response->assertUnauthorized();
+    }
+}