supabase / auth

A JWT based API for managing users and issuing JWT tokens
https://supabase.com/docs/guides/auth
MIT License
1.55k stars 374 forks

feat: configurable email and sms rate limiting #1800

Closed cstockton closed 1 month ago

cstockton commented 1 month ago

Adds two new configuration values for rate limiting the sending of emails and sms messages:

It is implemented with a simple rate limiter that resets a counter at a regular interval. The first interval's start time is set when the counter is initialized. It will be reset when the server is restarted, but preserved when the config is reloaded.

Syntax examples:

1.5       # Allow 1.5 events over 1 hour (legacy format)
100       # Allow 100 events over 1 hour (1h is default)
100/1h    # Allow 100 events over 1 hour (explicit duration)
100/24h   # Allow 100 events over 24 hours
100/72h   # Allow 100 events over 72 hours (use hours for days)
10/30m    # Allow 10  events over 30 minutes
3/10s     # Allow 3   events over 10 seconds

Syntax in ABNF to express the format as value:

value = count / rate
count = 1*DIGIT ["." 1*DIGIT]
rate = 1*DIGIT "/" ival
ival = ival-sec / ival-min / ival-hr
ival-sec = 1*DIGIT "s"
ival-min = 1*DIGIT "m"
ival-hr = 1*DIGIT "h"

This change was a continuation of https://github.com/supabase/auth/pull/1746 adapted to support the recent preservation of rate limiters across server reloads.
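A worked example of the format and limiter described above, written for this page and not taken from the PR or from the supabase/auth code base: it parses the value grammar exactly as the ABNF states it (legacy `count` meaning events per hour, or `rate` as `1*DIGIT "/" 1*DIGIT` with an `s`, `m` or `h` unit) and drives a fixed-window counter whose first window starts when the limiter is created. The names `Rate`, `ParseRate`, `Limiter` and `NewLimiter`, and the injectable clock, are assumptions of this example, not the project's API. Inputs outside the grammar (signs, exponents, a `d` unit, an empty field, a zero-length interval) are rejected rather than guessed at, because a misparsed limit silently turns a send cap into no cap.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
	"sync"
	"time"
)

// Rate is a parsed limit: Events allowed over Interval (hypothetical type).
type Rate struct {
	Events   float64
	Interval time.Duration
}

// allDigits reports whether s matches 1*DIGIT from the ABNF.
func allDigits(s string) bool {
	if s == "" {
		return false
	}
	for _, c := range s {
		if c < '0' || c > '9' {
			return false
		}
	}
	return true
}

// ParseRate accepts exactly the grammar from the PR description:
// count = 1*DIGIT ["." 1*DIGIT] (legacy form, events per hour) or
// rate = 1*DIGIT "/" 1*DIGIT ("s" / "m" / "h"). Anything else is an error.
func ParseRate(s string) (Rate, error) {
	s = strings.TrimSpace(s)
	count, ival, hasSlash := strings.Cut(s, "/")
	if !hasSlash {
		whole, frac, hasDot := strings.Cut(count, ".")
		if !allDigits(whole) || (hasDot && !allDigits(frac)) {
			return Rate{}, fmt.Errorf("invalid count %q", s)
		}
		events, _ := strconv.ParseFloat(count, 64) // cannot fail after the digit check
		return Rate{Events: events, Interval: time.Hour}, nil
	}
	if !allDigits(count) {
		return Rate{}, fmt.Errorf("invalid event count in %q", s)
	}
	events, _ := strconv.ParseFloat(count, 64)
	if len(ival) < 2 || !allDigits(ival[:len(ival)-1]) {
		return Rate{}, fmt.Errorf("invalid interval in %q", s)
	}
	n, err := strconv.ParseInt(ival[:len(ival)-1], 10, 64)
	if err != nil || n == 0 {
		return Rate{}, fmt.Errorf("invalid interval length in %q", s)
	}
	var unit time.Duration
	switch ival[len(ival)-1] {
	case 's':
		unit = time.Second
	case 'm':
		unit = time.Minute
	case 'h':
		unit = time.Hour
	default:
		return Rate{}, fmt.Errorf("unknown interval unit in %q (use s, m or h)", s)
	}
	return Rate{Events: events, Interval: time.Duration(n) * unit}, nil
}

// Limiter is the fixed-window counter the PR describes: the count resets at a
// regular interval, and the first window starts when the limiter is created,
// so a server restart starts a fresh window.
type Limiter struct {
	mu    sync.Mutex
	rate  Rate
	start time.Time
	count float64
	now   func() time.Time // injectable clock (assumed here so tests can drive it)
}

func NewLimiter(r Rate, now func() time.Time) *Limiter {
	if now == nil {
		now = time.Now
	}
	return &Limiter{rate: r, start: now(), now: now}
}

// Allow reports whether one more send fits in the current window. A fractional
// limit such as 1.5 never rounds up, so 1.5/1h admits one send per hour.
func (l *Limiter) Allow() bool {
	l.mu.Lock()
	defer l.mu.Unlock()
	if elapsed := l.now().Sub(l.start); elapsed >= l.rate.Interval {
		// Advance by whole intervals so window boundaries stay on the fixed schedule.
		l.start = l.start.Add(elapsed / l.rate.Interval * l.rate.Interval)
		l.count = 0
	}
	if l.count+1 > l.rate.Events {
		return false
	}
	l.count++
	return true
}

func main() {
	for _, v := range []string{"1.5", "100/24h", "3/10s", "10/30", "1e3"} {
		r, err := ParseRate(v)
		fmt.Printf("%-8s -> %+v err=%v\n", v, r, err)
	}
	l := NewLimiter(Rate{Events: 3, Interval: 10 * time.Second}, nil)
	for i := 0; i < 4; i++ {
		fmt.Println("send", i+1, "allowed:", l.Allow())
	}
}
```

The window advances by whole multiples of the interval rather than restarting at the time of the first request after expiry, which keeps the reset schedule anchored to initialization as the description says; a counter that restarts on demand would let bursts straddle two adjacent windows.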

coveralls commented 1 month ago

Pull Request Test Coverage Report for Build 11292135273

Details

Changes Missing Coverage        Covered Lines   Changed/Added Lines   %
internal/api/phone.go           1               2                     50.0%
internal/api/mail.go            1               7                     14.29%
internal/conf/rate.go           25              32                    78.13%
Total                           61              75                    81.33%

Files with Coverage Reduction   New Missed Lines   %
internal/api/phone.go           1                  81.51%
internal/api/mail.go            1                  57.4%
Total                           2

Totals                          Coverage Status
Change from base Build 11277025862: 0.008%
Covered Lines: 9381
Relevant Lines: 16180

💛 - Coveralls