Rate limit by user instead of IP when API user is authenticated (#5923)

* Fix #668 - Rate limit by user instead of IP when API user is authenticated

* Fix code style issue

* Use request decorator provided by Doorkeeper

app/controllers/concerns/rate_limit_headers.rb

@@ -44,7 +44,8 @@ module RateLimitHeaders
   end
 
   def api_throttle_data
-    request.env['rack.attack.throttle_data']['api']
+    request.env['rack.attack.throttle_data']['throttle_authenticated_api'] ||
+      request.env['rack.attack.throttle_data']['throttle_unauthenticated_api']
   end
 
   def request_time