Fix and improve API rate limiting

[myssto]

• Updates the rate limiter to use the current claims
• Adds a middleware that adds rate limit information headers to outbound responses
  • Adds a x-ratelimit-limit header that populates with the rate limit for the user / client
  • Adds a x-ratelimit-remaining header that populates with the number of tokens remaining for the user / client

Funnily enough, I don't think the rate limiter was ever working as intended to begin with? After debugging for a little it seemed like the way we were parsing the claims principal for partitioning (through the IAuthenticateResultFeature) was either just not working at all, or incredibly inconsistent. Either way it's good now :D

I use the royal we as if I wasn't the one who wrote all of this in the first place

[github-actions[bot]]

Qodana for .NET

1 new problem were found

Inspection name	Severity	Problems
Use preferred style for trailing comma before new line in multiline lists	◽️ Notice	1

💡 Qodana analysis was run in the pull request mode: only the changed files were checked ☁️ View the detailed Qodana report

Contact Qodana team

Contact us at [qodana-support@jetbrains.com](mailto:qodana-support@jetbrains.com) - Or via our issue tracker: https://jb.gg/qodana-issue - Or share your feedback: https://jb.gg/qodana-discussions

[github-actions[bot]]

Qodana for .NET

It seems all right 👌

No new problems were found according to the checks applied

💡 Qodana analysis was run in the pull request mode: only the changed files were checked ☁️ View the detailed Qodana report

Contact Qodana team

Contact us at [qodana-support@jetbrains.com](mailto:qodana-support@jetbrains.com) - Or via our issue tracker: https://jb.gg/qodana-issue - Or share your feedback: https://jb.gg/qodana-discussions