Add a rate-limit pre-check endpoint /api/limits/check that does not consume budget

[greatest0fallt1me]

Description

This is a backend issue for the GrantFox campaign. Dry-run rate-limit endpoint that tells the client whether the next call would succeed without consuming budget.

Requirements and Context

• Returns ok|deny with reason
• Does not consume tokens
• Auth scoped to caller
• Cached per second
• Must be secure, tested, and documented
• Should be efficient and easy to review

Suggested Execution

1. Fork the repo and create a branch

   git checkout -b feature/limits-check

2. Implement changes
   • src/routes/limits/check.ts (new)
   • src/middleware/rateLimiter.ts
3. Test and commit
   • Run the repo's standard test suite and lint
   • Cover edge cases; include output in the PR

Example commit message

feat: add rate-limit pre-check endpoint

Acceptance Criteria

• Returns correct verdict
• No consume
• Auth correct
• Caching works

Guidelines

• Minimum 90% test coverage on changed lines
• Input validation at the boundary; standardized error envelope
• Structured logging with correlation IDs
• Clear documentation and inline comments
• Timeframe: 96 hours

[Jerry-Tekh]

@Jerry-Tekh has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hi repo manager, please assign me this.

I’ll implement /api/limits/check for CalloraOrg/Callora-Backend: dry-run verdict ok|deny with reason, no token consumption, caller-scoped auth, per-second caching, structured logging with correlation IDs, input validation, and tests to hit 90% coverage on changed lines.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Jerry-Tekh to this issue.

[Fury03]

@Fury03 has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hi Maintainer, I can work on this

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Fury03 to this issue.

[Derry255]

@Derry255 has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hello maintainer, I am confident to take on this task, implement a good fix and open a cleanly ready to merge PR

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Derry255 to this issue.

[drips-wave]

Congratulations, @Derry255! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 30, 2026.

🧑‍💻 @Derry255: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊

[grantfox-oss]

🎉 This issue has been marked as completed on GrantFox as part of the Official Campaign campaign!

@Derry255's PR #569 was approved and merged by @greatest0fallt1me.

🏆 @Derry255: You earned 35 FoxPoints for this contribution! Your current tier: Explorer (293 total points). Track your full progress on GrantFox.

👏 Great work, @Derry255! Keep contributing to CalloraOrg.