feat(throttling): add global rate limit lockout flow

src/api/users.ts

@@ -1,31 +1,31 @@
-import { authFetch } from './client';
+import { authFetch, buildApiError } from './client';
 
 // --- Auth Endpoints ---
 
-export const loginWithPassword = async (mobile: string, password: string) => {
-  const response = await authFetch('/api/users/login/', {
-    method: 'POST',
-    body: JSON.stringify({ mobile, password })
-  });
-  if (!response.ok) throw new Error('Failed to login with password');
-  return response.json();
-};
+export const loginWithPassword = async (mobile: string, password: string) => {
+  const response = await authFetch('/api/users/login/', {
+    method: 'POST',
+    body: JSON.stringify({ mobile, password })
+  });
+  if (!response.ok) throw await buildApiError(response);
+  return response.json();
+};
 
-export const sendOtp = async (mobile: string, mode: string) => {
-  const response = await authFetch('/api/users/otp/send/', {
-    method: 'POST',
-    body: JSON.stringify({ mobile, mode })
-  });
-  if (!response.ok) throw new Error('Failed to send OTP');
-  return response.json();
-};
+export const sendOtp = async (mobile: string, mode: string) => {
+  const response = await authFetch('/api/users/otp/send/', {
+    method: 'POST',
+    body: JSON.stringify({ mobile, mode })
+  });
+  if (!response.ok) throw await buildApiError(response);
+  return response.json();
+};
 
 export const loginWithOtp = async (mobile: string, otp: string) => {
   const response = await authFetch('/api/users/otp/login/', {
     method: 'POST',
     body: JSON.stringify({ mobile, code: otp })
   });
-  if (!response.ok) throw new Error('Failed to login with OTP');
+  if (!response.ok) throw await buildApiError(response);
   return response.json();
 };