Description
The /auth/session endpoint is currently rate-limited, but it should not be. This rate-limiting is causing significant issues, particularly with Next.js middleware that relies on repeatedly checking whether a user is authenticated or not. When the rate limit is hit, the middleware fails to authenticate users properly, leading to authentication errors and degraded user experience.
This is especially problematic in dynamic applications where user sessions need to be checked frequently (e.g., on every request or page load). The current rate-limiting setup limits the ability of the middleware to function effectively, resulting in users getting redirected to the login page (due to 429 response status).
Since this endpoint is crucial for ongoing user session validation, removing the rate-limiting entirely would resolve this issue and allow middleware to perform its role without interference.
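An added example, not part of the issue or the project's code: one way a middleware-side check can treat a 429 from /auth/session as "unknown" rather than "signed out", so a throttled check does not send the user to the login page. The function names, the two time windows and the `{ status, retryAfter }` response shape are assumptions made for illustration.

```javascript
// Added example. Names, windows and response shape are assumptions, not the project's API.
const FRESH_MS = 5000;  // reuse a positive check this long without calling /auth/session
const GRACE_MS = 30000; // on 429 only: longest a previous positive check may stand in

// fetchSession(token) is a hypothetical wrapper around the /auth/session request.
// In-process state like `seen` is per instance; a real deployment would also bound its size.
function createSessionGate(fetchSession, now = Date.now) {
  const seen = new Map(); // session token -> time of the last 200 from /auth/session

  return async function gate(token) {
    const last = seen.get(token);
    if (last !== undefined && now() - last < FRESH_MS) {
      return { action: "allow", source: "cache" };
    }

    const res = await fetchSession(token);

    if (res.status === 200) {
      seen.set(token, now());
      return { action: "allow", source: "endpoint" };
    }
    if (res.status === 401 || res.status === 403) {
      seen.delete(token); // an explicit rejection always wins over the cache
      return { action: "login", source: "endpoint" };
    }
    if (res.status === 429) {
      // Throttled means "unknown", not "signed out": never redirect to login here.
      // The grace window is bounded so a revoked session is not accepted indefinitely.
      if (last !== undefined && now() - last < GRACE_MS) {
        return { action: "allow", source: "stale" };
      }
      return { action: "retry", retryAfter: res.retryAfter ?? 1 };
    }
    return { action: "retry", retryAfter: 1 }; // 5xx and similar: also not a sign-out
  };
}
```

A caller would map `retry` to a 503 with a `Retry-After` header instead of a login redirect.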