@Mondo67244
Description

This PR adds a complete security layer to the Idem API, implementing industry-standard protections against common web vulnerabilities and abuse patterns.

Changes

🆕 New Files

| File | Purpose |
| --- | --- |
| api/middleware/rateLimiter.middleware.ts | Rate limiting with 4 tiers |
| api/middleware/errorHandler.middleware.ts | Centralized error handling with AppError class |
| api/validators/*.ts | Zod validation schemas |

✏️ Modified Files

| File | Changes |
| --- | --- |
| api/index.ts | Added helmet, rate limiters, error handler |
| package.json | Added helmet, express-rate-limit, zod |

Why

  1. Rate Limiting - Prevents API abuse (100 req/15min general, 5/hour auth, 20/hour AI)
  2. Helmet - Security headers (XSS, clickjacking protection)
  3. Centralized Error Handling - Consistent error responses
  4. Zod Validation - Type-safe input validation
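
The tiered limits listed above, as a stand-alone fixed-window limiter. This is an added example, not the PR's code (which uses express-rate-limit); the tier names, the client identifier and the timestamps are constructed for the demo, and the limiter is keyed by tier and client so one client's auth attempts do not consume another's quota.

```typescript
// Added example: fixed-window rate limiter with the tiers from the PR description.
// Not the PR's middleware; no Express dependency so it runs stand-alone.

type Tier = "general" | "auth" | "ai";
interface TierConfig { max: number; windowMs: number }
interface Bucket { count: number; windowStart: number }
interface Decision { allowed: boolean; remaining: number; retryAfterMs: number }

// Limits as stated in the PR: 100 req/15 min, 5/hour auth, 20/hour AI.
const TIERS: Record<Tier, TierConfig> = {
  general: { max: 100, windowMs: 15 * 60 * 1000 },
  auth:    { max: 5,   windowMs: 60 * 60 * 1000 },
  ai:      { max: 20,  windowMs: 60 * 60 * 1000 },
};

class RateLimiter {
  private tiers: Record<Tier, TierConfig>;
  private buckets = new Map<string, Bucket>();   // "tier:clientId" -> bucket

  constructor(tiers: Record<Tier, TierConfig> = TIERS) { this.tiers = tiers; }

  // Record one request; `now` is injectable so the window logic is testable.
  hit(tier: Tier, clientId: string, now: number = Date.now()): Decision {
    const cfg = this.tiers[tier];
    const key = `${tier}:${clientId}`;
    let b = this.buckets.get(key);
    if (!b || now - b.windowStart >= cfg.windowMs) {  // start a fresh window
      b = { count: 0, windowStart: now };
      this.buckets.set(key, b);
    }
    if (b.count >= cfg.max) {                          // over quota: reject, say when to retry
      return { allowed: false, remaining: 0, retryAfterMs: b.windowStart + cfg.windowMs - now };
    }
    b.count += 1;
    return { allowed: true, remaining: cfg.max - b.count, retryAfterMs: 0 };
  }
}

// Demo: auth tier admits 5 attempts, rejects the 6th, and resets once the hour has elapsed.
function demoAuthTier(): { sixthAllowed: boolean; retryAfterMs: number; afterResetAllowed: boolean } {
  const rl = new RateLimiter();
  const t0 = 1700000000000;                    // constructed fixed timestamp (ms)
  const client = "203.0.113.7";                // constructed client IP
  for (let i = 0; i < 5; i++) rl.hit("auth", client, t0 + i * 1000);
  const sixth = rl.hit("auth", client, t0 + 5000);
  const later = rl.hit("auth", client, t0 + 60 * 60 * 1000);
  return { sixthAllowed: sixth.allowed, retryAfterMs: sixth.retryAfterMs, afterResetAllowed: later.allowed };
}
```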

Testing

  • TypeScript compilation passes
  • All middleware files created
  • Package installation successful

Notes

  • 21 npm vulnerabilities remain in AWS-SDK (awaiting upstream fix)
  • Zod validators ready but not yet applied to routes
