Audit Client logging API to prevent abuse

Right now, any authenticated user could hit the logging API route, but we need a way to log client errors that occur. We should rethink the current approach to make something a bit cleaner.

Rate limiting is probably one of the approaches, but perhaps there is more that can be done? 