api: add auth test endpoint

[mdtro]

@JoshFerge discovered that we were seeing measurable amounts of TruffleHog requests hitting our project index endpoint. It's suspected this would cause a non-trivial amount of load on the backend datastores. At one point, we had 220k requests logged in a single minute from the TruffleHog user agent... The vast majority were rate-limited however.

This PR creates a really basic endpoint that returns a 200 if you are successfully authenticated with a user auth token, org auth token, or a session. If you're not authenticated, we'll return a 403. The endpoint specifically avoids pulling data about the User and returns no body.

The rate limit is quite high, but I did use a bit of math to find the median/average of requests per minute per IP using the TruffleHog user agent over the past 24 hours. It peaked around 10.5k requests (with about 8k of those rate rate limited). The average and median is right around 1,100-1,300 requests/min for those that weren't rate limited (including rate limited requests, it's closer to 4.7k/min).

The hope with this endpoint is to move these scanning tools that attempt to perform verification of the secret. This gives them an option to use something less impactful and to be good stewards of the service. 🙂 We can also encourage them to honor our rate limiting headers and backoff on the requests.

[JoshFerge]

is there a missing file?

[JoshFerge]

❤️

[mdtro]

is there a missing file?

Yep there sure was. I misnamed some files. Fixed now. :)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 80.03%. Comparing base (ac80048) to head (644740d).
Report is 49 commits behind head on master.

❗ Current head 644740d differs from pull request most recent head 44da9f5. Consider uploading reports for the commit 44da9f5 to get more accurate results

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #70827      +/-   ##
==========================================
- Coverage   80.03%   80.03%   -0.01%     
==========================================
  Files        6504     6506       +2     
  Lines      290752   290792      +40     
  Branches    50115    50120       +5     
==========================================
+ Hits       232693   232724      +31     
- Misses      57622    57631       +9     
  Partials      437      437              

Files	Coverage Δ
src/sentry/api/endpoints/auth_validate.py	100.00% <100.00%> (ø)
src/sentry/api/urls.py	100.00% <100.00%> (ø)

... and 26 files with indirect coverage changes

[github-actions]

🚨 Warning: This pull request contains Frontend and Backend changes!

It's discouraged to make changes to Sentry's Frontend and Backend in a single pull request. The Frontend and Backend are not atomically deployed. If the changes are interdependent of each other, they must be separated into two pull requests and be made forward or backwards compatible, such that the Backend or Frontend can be safely deployed independently.

Have questions? Please ask in the #discuss-dev-infra channel.