When the SPA authenticates via cookies (not Bearer token), Sanctum returns
a TransientToken from currentAccessToken() which has no delete() method.
Detect it and invalidate the session instead.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Adds authenticated endpoints for reading/updating fuel type preferences and managing saved stations, backed by new migrations and a SavedStation model.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Extends NearbyStationsRequest validation to accept `sort=updated` and `sort=brand`. Updates StationController to use match expression with dedicated closures: 'updated' sorts by price_effective_at descending (newest first), 'brand' sorts alphabetically by brand_name, with existing price and distance options.
Extends NearbyStationsRequest to accept `postcode` (full or outcode) as an alternative to lat/lng. PostcodeService resolves it via postcodes.io and falls through to coordinates. Also adds SearchResource to the Filament admin panel for viewing logged search activity with fuel type filter and price/distance stats columns. Includes SQLite GREATEST/LEAST function polyfills in AppServiceProvider for test compatibility.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Implements PredictionRequest (fuel_type validation with ValueError→ValidationException), PredictionController delegating to NationalFuelPredictionService, and 5 feature tests. Also fixes LEAST() MySQL-only function to a CASE WHEN expression for SQLite test compatibility.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
