Allow use of access_token instead of client_id for unauth requests

[katanacrimson]

This should aid in situations of heavy NAT usage (prominent across SE-Asia) where rate limiting may be a significant usability problem; due to the amount of NAT in those areas, some communities share 2 or 3 IP addresses, and until they obtain IPv6 infrastructure there's no alleviating the problem.

By using access_token (if available) instead of the client_id, you'll instead rate limit by account and not IP address, allowing greater access to those users.

[caseym]

This is allowed now. Anytime you send an access token with a request, we will base rate limits on that user versus their Key / IP combination. Even though access token is not required on some API endpoints, you can send it to better manage rate limits.

See below for example requests and the differing rate limit remaining values.

curl -i https://api.heello.com/users/4.json?key=APPLICATION_KEY HTTP/1.1 200 OK X-RateLimit-Limit: 8400 X-RateLimit-Remaining: 8395

curl -i https://api.heello.com/users/4.json?access_token=ACCESS_TOKEN HTTP/1.1 200 OK X-RateLimit-Limit: 8400 X-RateLimit-Remaining: 8304

[katanacrimson]

Awesome. I'll look into refactoring this in node-heello in a bit, will likely show up in the 1.0.1 release.