- Wired the checkout wizard for Google “comfort login”: added Socialite controller + dependency, new Google env

hooks in config/services.php/.env.example, and updated wizard steps/controllers to store session payloads,
attach packages, and surface localized success/error states.
- Retooled payment handling for both Stripe and PayPal, adding richer status management in CheckoutController/
PayPalController, fallback flows in the wizard’s PaymentStep.tsx, and fresh feature tests for intent
creation, webhooks, and the wizard CTA.
- Introduced a consent-aware Matomo analytics stack: new consent context, cookie-banner UI, useAnalytics/
useCtaExperiment hooks, and MatomoTracker component, then instrumented marketing pages (Home, Packages,
Checkout) with localized copy and experiment tracking.
- Polished package presentation across marketing UIs by centralizing formatting in PresentsPackages, surfacing
localized description tables/placeholders, tuning badges/layouts, and syncing guest/marketing translations.
- Expanded docs & reference material (docs/prp/*, TODOs, public gallery overview) and added a Playwright smoke
test for the hero CTA while reconciling outstanding checklist items.

app/Http/Middleware/PackageMiddleware.php

@@ -23,7 +23,7 @@ class PackageMiddleware
             ]);
         }
 
-        if ($this->requiresPackageCheck($request) && !$this->canPerformAction($request, $tenant)) {
+        if ($this->requiresPackageCheck($request) && ! $this->canPerformAction($request, $tenant)) {
             return response()->json([
                 'error' => 'Package limits exceeded. Please purchase or upgrade a package.',
             ], 402);
@@ -36,35 +36,30 @@ class PackageMiddleware
     {
         return $request->isMethod('post') && (
             $request->routeIs('api.v1.tenant.events.store') ||
-            $request->routeIs('api.v1.tenant.photos.store') // Assuming photo upload route
+            $request->routeIs('api.v1.tenant.events.photos.store')
         );
     }
 
     private function canPerformAction(Request $request, Tenant $tenant): bool
     {
         if ($request->routeIs('api.v1.tenant.events.store')) {
-            // Check tenant package for event creation
-            $resellerPackage = $tenant->activeResellerPackage();
-            if ($resellerPackage) {
-                return $resellerPackage->used_events < $resellerPackage->package->max_events_per_year;
-            }
-            return false;
+            return $tenant->hasEventAllowance();
         }
 
-        if ($request->routeIs('api.v1.tenant.photos.store')) {
+        if ($request->routeIs('api.v1.tenant.events.photos.store')) {
             $eventId = $request->input('event_id');
-            if (!$eventId) {
+            if (! $eventId) {
                 return false;
             }
-            $event = Event::findOrFail($eventId);
-            if ($event->tenant_id !== $tenant->id) {
+            $event = Event::query()->find($eventId);
+            if (! $event || $event->tenant_id !== $tenant->id) {
                 return false;
             }
             $eventPackage = $event->eventPackage;
-            if (!$eventPackage) {
+            if (! $eventPackage) {
                 return false;
             }
-            return $eventPackage->used_photos < $eventPackage->package->max_photos;
+            return $eventPackage->used_photos < ($eventPackage->package->max_photos ?? PHP_INT_MAX);
         }
 
         return true;
@@ -88,4 +83,4 @@ class PackageMiddleware
 
         return Tenant::findOrFail($tenantId);
     }
-}
+}