Add API endpoint for triggering family sync (#423)

* Add API endpoint for triggering family sync

Introduces Api::V1::SyncController with a create action to queue a family sync, applying all active rules and syncing accounts. Adds corresponding route, JSON response view, and comprehensive controller tests for authorization and response validation.

* Rename started_at to syncing_at in sync API response

Updated the sync create JSON response to use 'syncing_at' instead of 'started_at'. Adjusted related controller test to check for 'syncing_at'. Also updated API authentication header in test to use 'X-Api-Key' instead of Bearer token.

* Update app/controllers/api/v1/sync_controller.rb

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Mark Hendriksen <hendriksen-mark@hotmail.com>

---------

Signed-off-by: Mark Hendriksen <hendriksen-mark@hotmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

app/controllers/api/v1/sync_controller.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+class Api::V1::SyncController < Api::V1::BaseController
+  # Ensure proper scope authorization for write access
+  before_action :ensure_write_scope, only: [ :create ]
+
+  def create
+    family = current_resource_owner.family
+
+    # Trigger family sync which will:
+    # 1. Apply all active rules
+    # 2. Sync all accounts
+    # 3. Auto-match transfers
+    sync = family.sync_later
+
+    @sync = sync
+    render :create, status: :accepted
+  rescue => e
+    Rails.logger.error "SyncController#create error: #{e.message}"
+    Rails.logger.error e.backtrace.join("\n")
+
+    render json: {
+      error: "internal_server_error",
+      message: "Error: #{e.message}"
+    }, status: :internal_server_error
+  end
+
+  private
+
+    def ensure_write_scope
+      authorize_scope!(:write)
+    end
+end