feat(api): implement rate limiting and SSRF protection across endpoints

- Added rate limiting to `reaction-users`, `search`, and `image-proxy` APIs to prevent abuse.
- Introduced SSRF protection in `image-proxy` to block requests to private IP ranges.
- Enhanced `link-preview` to use `linkedom` for HTML parsing and improved meta tag extraction.
- Refactored authentication checks in various pages to utilize middleware for cleaner code.
- Improved JWT key loading with error handling and security warnings for production.
- Updated `authFetch` utility to handle token refresh more efficiently with deduplication.
- Enhanced rate limiting utility to trust proxy headers from known sources.
- Numerous layout / design changes

src/pages/index.astro

@@ -16,21 +16,12 @@ const whitelabel = WHITELABELS[host] ?? (detected ? WHITELABELS[detected.host] :
 
 <Base>
   {whitelabel ? (
-    <section>
-      <div class="prose prose-neutral dark:prose-invert">
-        <Root child="ReqForm" client:only="react">
-        </Root>
-      </div>
+    <section class="page-section">
+      <Root child="ReqForm" client:only="react" />
     </section>
   ) : (
-    <section>
-      <div class="prose prose-neutral dark:prose-invert">
-        <Root 
-          child="LyricSearch" 
-          client:only="react" 
-        
-        /> 
-      </div>
+    <section class="page-section">
+      <Root child="LyricSearch" client:only="react" />
     </section>
   )}
 </Base>