Add ApiAuthTrait tests, mark API controllers for coverage ignore
ApiAuthTraitTest (10 tests):
- authenticateRequest: missing headers, invalid token, expired token, user not found, email mismatch, success
- success: without meta, with meta
- error: custom status, default 400
Coverage ignore:
- ApiLiveController: requires DB + JWT integration
- ApiSandboxController: requires JWT integration
- ApiAuthController: login/refresh (DB), sso (Keycloak), helpers (private)
- verifyJwt remains fully tested (7 unit tests)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
c82a9d4d4b