* add InvalidCredentialsError with language-agnostic code and update backend & web logout logic
* error.code in API error responses
Updated the error handler to serialize responseErr.code as the JSON error field, falling back to responseErr.name when no code is set.
* fix(lint): whitespace and missing def
* fix(lint): missed one
* add InvalidCredentialsError case for bad token
Add test verifying that auth middleware throws InvalidCredentialsError with code "invalid_credentials" and correct translated message when the API token is invalid.
* fix(test): user fields implicitly required
---------
Co-authored-by: Kalista Payne <sabrecat@gmail.com>
