Fix architecture issues from todolist

- Add documentation warnings for in-memory rate limiting and failed login attempts
- Consolidate duplicate health endpoints into api/health.py
- Fix CLI to use correct async rescan method names
- Update download.py and anime.py to use custom exception classes
- Add WebSocket room validation and rate limiting

src/server/middleware/error_handler.py

@@ -15,6 +15,7 @@ from src.server.exceptions import (
     AniWorldAPIException,
     AuthenticationError,
     AuthorizationError,
+    BadRequestError,
     ConflictError,
     NotFoundError,
     RateLimitError,
@@ -127,6 +128,26 @@ def register_exception_handlers(app: FastAPI) -> None:
             ),
         )
 
+    @app.exception_handler(BadRequestError)
+    async def bad_request_error_handler(
+        request: Request, exc: BadRequestError
+    ) -> JSONResponse:
+        """Handle bad request errors (400)."""
+        logger.info(
+            f"Bad request error: {exc.message}",
+            extra={"details": exc.details, "path": str(request.url.path)},
+        )
+        return JSONResponse(
+            status_code=exc.status_code,
+            content=create_error_response(
+                status_code=exc.status_code,
+                error=exc.error_code,
+                message=exc.message,
+                details=exc.details,
+                request_id=getattr(request.state, "request_id", None),
+            ),
+        )
+
     @app.exception_handler(NotFoundError)
     async def not_found_error_handler(
         request: Request, exc: NotFoundError