[ Bounty $8k ] [ API ] Add structured error responses with error codes — security critical

[simisdav55-oss]

Summary

Adds structured error responses with consistent error codes to all API endpoints, per the issue requirements.

Changes

• Error schema: {code, message, details, request_id}
• Error codes: VALIDATION_ERROR, NOT_FOUND, AUTH_FAILED, RATE_LIMITED, INTERNAL_ERROR, BAD_REQUEST, CONFLICT, FORBIDDEN
• Custom exception classes: APIError, NotFoundError, AuthError, RateLimitError, ValidationError
• Request ID: X-Request-ID and X-Response-Time-Ms headers on every response
• Global handler: Catches APIError, RequestValidationError, HTTPException, and unhandled exceptions
• Tests: 11 tests covering error codes, headers, 404 responses

Acceptance Criteria

• All error responses follow schema
• Error codes are documented in code
• Request ID present in error responses
• Tests: each error code, header presence, 404 response

Closes #202

[github-actions]

Unfortunately the changes in this PR didn't fully resolve the issue. Please rework your solution and submit a new pull request within 2 hours.

Make sure to review the acceptance criteria in the linked issue and verify all conditions are met before resubmitting.