layouts schick gemacht und packagelimits weiter implementiert

docs/prp/03-api.md

@@ -6,7 +6,7 @@
   - Super Admin: session-authenticated Filament (web only).
 - Common
   - Pagination: `page`, `per_page` (max 100).
-  - Errors: `{ error: { code, message, trace_id }, details?: {...} }`.
+- Errors: `{ error: { code, title, message, meta? } }` across public + tenant APIs.
   - Rate limits: per-tenant and per-device for tenant apps; 429 with `x-rate-limit-*` headers.
 
 Key Endpoints (abridged)
@@ -31,6 +31,28 @@ Webhooks
 - Payment provider events, media pipeline status, and deletion callbacks. All signed with shared secret per provider.
 - RevenueCat webhook: `POST /api/v1/webhooks/revenuecat` signed via `X-Signature` (HMAC SHA1/256). Dispatches `ProcessRevenueCatWebhook` to credit tenants and sync subscription expiry.
 
+### Error Responses
+
+- Every non-2xx response returns a JSON body with the `error` envelope:
+
+```json
+{
+  "error": {
+    "code": "photo_limit_exceeded",
+    "title": "Upload Limit Reached",
+    "message": "Es wurden 120 von 120 Fotos hochgeladen. Bitte kontaktiere das Team für ein Upgrade.",
+    "meta": {
+      "limit": 120,
+      "used": 120,
+      "remaining": 0
+    }
+  }
+}
+```
+
+- `code` is stable for clients; `title` is a short human-friendly label; `message` is localized; `meta` may contain structured data (e.g. `trace_id`, quota counts) when relevant.
+- Guests and tenant admins consume the same structure to surface tailored UI (toast banners, upload dialogs, etc.).
+
 Public Gallery
 - `GET /gallery/{token}`: returns event snapshot + branding colors; responds with `410` once the package gallery window expires.
 - `GET /gallery/{token}/photos?cursor=&limit=`: cursor-based pagination of approved photos. Response shape `{ data: Photo[], next_cursor: string|null }`.