Added opaque join-token support across backend and frontend: new migration/model/service/endpoints, guest controllers now resolve tokens, and the demo seeder seeds a token. Tenant event details list/manage tokens with copy/revoke actions, and the guest PWA uses tokens end-to-end (routing, storage, uploads, achievements, etc.). Docs TODO updated to reflect completed steps.

resources/js/guest/pages/AchievementsPage.tsx

@@ -292,7 +292,7 @@ function PersonalActions({ slug }: { slug: string }) {
 }
 
 export default function AchievementsPage() {
-  const { slug } = useParams<{ slug: string }>();
+  const { token: slug } = useParams<{ token: string }>();
   const identity = useGuestIdentity();
   const [data, setData] = useState<AchievementsPayload | null>(null);
   const [loading, setLoading] = useState(true);