refactor: align codebase with EventCrew domain and trim legacy band stack

- Update API: events, users, policies, routes, resources, migrations
- Remove deprecated models/resources (customers, setlists, invitations, etc.)
- Refresh admin app and docs; remove apps/band

Made-with: Cursor

api/tests/Feature/Auth/LoginTest.php

@@ -0,0 +1,52 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tests\Feature\Auth;
+
+use App\Models\User;
+use Illuminate\Foundation\Testing\RefreshDatabase;
+use Tests\TestCase;
+
+class LoginTest extends TestCase
+{
+    use RefreshDatabase;
+
+    public function test_user_can_login_with_valid_credentials(): void
+    {
+        $user = User::factory()->create();
+
+        $response = $this->postJson('/api/v1/auth/login', [
+            'email' => $user->email,
+            'password' => 'password',
+        ]);
+
+        $response->assertOk()
+            ->assertJsonStructure([
+                'success',
+                'data' => ['user' => ['id', 'name', 'email'], 'token'],
+                'message',
+            ])
+            ->assertJson(['success' => true]);
+    }
+
+    public function test_login_fails_with_invalid_credentials(): void
+    {
+        $user = User::factory()->create();
+
+        $response = $this->postJson('/api/v1/auth/login', [
+            'email' => $user->email,
+            'password' => 'wrong-password',
+        ]);
+
+        $response->assertUnauthorized();
+    }
+
+    public function test_login_requires_email_and_password(): void
+    {
+        $response = $this->postJson('/api/v1/auth/login', []);
+
+        $response->assertUnprocessable()
+            ->assertJsonValidationErrors(['email', 'password']);
+    }
+}