Add some kind of bearer authentication/API key system for NodeNorm

We currently allow anybody to query NodeNorm as frequently as they'd like. It might be a good idea to limit this in some way, perhaps with bearer authentication or API keys.