Fix 401 errors for Guest PWA API endpoints: Remove global tenant middleware from bootstrap/app.php and apply only to tenant routes; add throttle:100,1 to guest routes in api.php; enhance EventPublicController with published status validation for all methods to ensure secure public access without auth.

bootstrap/app.php

@@ -25,11 +25,7 @@ return Application::configure(basePath: dirname(__DIR__))
             AddLinkHeadersForPreloadedAssets::class,
         ]);
 
-        $middleware->api(append: [
-            \App\Http\Middleware\TenantTokenGuard::class,
-            \App\Http\Middleware\TenantIsolation::class,
-            \App\Http\Middleware\CreditCheckMiddleware::class,
-        ]);
+        $middleware->api(append: []);
     })
     ->withExceptions(function (Exceptions $exceptions) {
         //