Database Access optimisations (#14544)

* Optimize database access during spell casting

* load less data when casting spells

* Begin migrating update calls to updateOne and updateMany

* Only update user objects that don’t have notification yet

* fix test

* fix spy

* Don’t unnecessarily update user when requesting invalid guild

* fix sort order for middlewares to not load user twice every request

* fix tests

* fix integration test

* fix skill usage not always deducting mp

* addtest case for blessing spell

* fix healAll

* fix lint

* Fix error for when some spells are used outside of party

* Add check to not run bulk spells in web client

* fix(tags): change const to let

---------

Co-authored-by: SabreCat <sabe@habitica.com>

website/server/libs/routes.js

@@ -24,7 +24,7 @@ export function readController (router, controller, overrides = []) {
 
     // If an authentication middleware is used run getUserLanguage after it, otherwise before
     // for cron instead use it only if an authentication middleware is present
-    const authMiddlewareIndex = _.findIndex(middlewares, middleware => {
+    let authMiddlewareIndex = _.findIndex(middlewares, middleware => {
       if (middleware.name.indexOf('authWith') === 0) { // authWith{Headers|Session|Url|...}
         return true;
       }
@@ -36,6 +36,7 @@ export function readController (router, controller, overrides = []) {
     // disable caching for all routes with mandatory or optional authentication
     if (authMiddlewareIndex !== -1) {
       middlewares.unshift(disableCache);
+      authMiddlewareIndex += 1;
     }
 
     if (action.noLanguage !== true) { // unless getting the language is explictly disabled