Cool set of practical tools—stuff like WHOIS and domain authority checks fill real gaps that Claude needs without overcomplicating things.

On the auth side, GitHub/Google OAuth is smart for bumping limits, but raw MCP makes JWT validation a slog (we burned days on it early). If you're open-sourcing the impl, `@leanmcp/auth` decorator drops it to ~20 lines with auto-injected user context—handles multiple providers out of the box.

How'd you wire up the rate limiting backend to tie logins to IPs without killing perf? (Disclosure: co-founder at LeanMCP)