Support viewing the dashboard without a Steam login

[tsa96]

We get requested to add this basically every time the dashboard gets brought up. Now that the repo is in a much more organised state overall, and we have a much clearer authentication workflow, this should be pretty easy.

This isn't a complete spec, I'll add more in the future, just want to get something simple tracked now so I can reference in other places.

Frontend

• Refactor LocalUserService and AuthService so it cleanly handles not having an active JWT or user account in the localUserSubject field.
• Replace the player card in the header component with a "Sign in with Steam" button (make sure to use the official one that Steam supplies).
• Create a LoggedInGuard guard that can protect any routes that don't make sense to view if you don't have a login - I can provide a full list of these if needed.
• Add an error handler in the HTTP wrapper I wrote that handles 429 - Too many requests by sending a toast to users saying something like "You are being rate limited! Please sign in to increase your request capacity.".
• Disable some parts of forms like leaderboard filters when you're not logged in, with a similar warning as above. Generally we want to disable stuff that creates more expensive DB queries, such as ORDER BYs that don't have much indexing to help them.

Backend

• Refactor auth service and all uses of the @LoggedInUser decorator to handle cases where the JWT is missing - would sure be nice to have enableStrictNullChecks on by this point...
• Disable the corresponding expensive filters if LIU is missing.
• Use Nest's Throttle module, and make it much more restrictive for requests that don't have a JWT - I assume it can track IP addresses as well? I haven't looked into it in a while, not sure what we'll use for caching - may have some general purpose Redis instances by then
• Remove the JwtAuthGuard from all the endpoints it makes sense to make available to users without a JWT.

If anyone wants to pick this up, definitely get in touch with me on Discord. This is a big change and I'm only providing loose details here, we'll want to write up something more precise in the future, probably after 0.10.0's release.

[tsa96]

Endpoint	Public
auth/web	FALSE
auth/web/return	FALSE
auth/game	FALSE
auth/refresh	FALSE
auth/revoke	FALSE
users	TRUE
users/{userID}	TRUE
users/{userID}/profile	TRUE
users/{userID}/activities	TRUE
users/{userID}/followers	TRUE
users/{userID}/follows	TRUE
users/{userID}/credits	TRUE
runs	TRUE
runs/{id}	TRUE
maps	TRUE
maps/{mapID}	TRUE
maps/submissions	FALSE
maps/{mapID}/testInvite	FALSE
maps/{mapID}/testInviteResponse	FALSE
maps/{mapID}/credits	If Approved/PT
maps/{mapID}/credits/{userID}	If Approved/PT
maps/{mapID}/info	If Approved/PT
maps/{mapID}/zones	If Approved/PT
maps/{mapID}/images	If Approved/PT
maps/{mapID}/leaderboard	If Approved/PT
maps/{mapID}/leaderboard/run	If Approved/PT
maps/{mapID}/leaderboardStats	If Approved/PT
maps/{mapID}/reviews	If Approved/PT
session/run	FALSE
session/run/{sessionID}	FALSE
session/run/{sessionID}/end	FALSE
admin/users	FALSE
admin/users/merge	FALSE
admin/users/{userID}	FALSE
admin/maps	FALSE
admin/maps/submissions	FALSE
admin/maps/{mapID}	FALSE
admin/reports	FALSE
admin/reports/{reportID}	FALSE
admin/map-review/{reviewID}	FALSE
admin/activities	FALSE
admin/activities/{userID}	FALSE
map-review/{reviewID}	TRUE
map-review/{reviewID}/comments	TRUE
map-review/comments/{commentID}	FALSE
activities	Osplo working on it, ignore
reports	FALSE
user	FALSE
user/profile	FALSE
user/follow/{userID}	FALSE
user/notifyMap/{mapID}	FALSE
user/activities	FALSE
user/activities/followed	FALSE
user/notifications	FALSE
user/notifications/{notificationID}	FALSE
user/maps/library	FALSE
user/maps/library/{mapID}	FALSE
user/maps/favorites	FALSE
user/maps/favorites/{mapID}	FALSE
user/maps/submitted	FALSE
user/maps/submitted/summary	FALSE