feat: implement security headers and rate limiting; update environment variables and documentation

backend/src/receipt-import/receipt-import.controller.ts

@@ -7,6 +7,7 @@ import {
   UseInterceptors,
   BadRequestException,
 } from '@nestjs/common';
+import { Throttle } from '@nestjs/throttler';
 import { FileInterceptor } from '@nestjs/platform-express';
 import { memoryStorage } from 'multer';
 import { ReceiptImportService } from './receipt-import.service';
@@ -27,6 +28,7 @@ export class ReceiptImportController {
   constructor(private readonly receiptImportService: ReceiptImportService) {}
 
   @Post()
+  @Throttle({ default: { ttl: 60_000, limit: 20 } })
   @UseGuards(JwtAuthGuard)
   @UseInterceptors(
     FileInterceptor('file', {