Replace built-in ratelimit code with golang.org/x/time/rate
It does support reservations a.k.a. conditional increment, which is required to implement "login failed" rate limiting.
It does support reservations a.k.a. conditional increment, which is required to implement "login failed" rate limiting.