Add configurable API rate limits with subtabs in settings (v0.10.0)

- Make rate limiting configurable via WordPress options
- Add subtabs to API settings: General, Rate Limits, Endpoints
- Add HTTP method badges for endpoint documentation
- Update CHANGELOG with rate limiting configuration details

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

README.md

@@ -451,8 +451,10 @@ The plugin provides a comprehensive REST API for integration with external appli
 ### Enabling the API
 
 1. Navigate to **WP BnB → Settings → API**
-2. Enable "Enable REST API"
+2. In the **General** subtab, enable "Enable REST API"
 3. Optionally enable rate limiting for protection against abuse
+4. Configure rate limits in the **Rate Limits** subtab
+5. View all available endpoints in the **Endpoints** subtab
 
 ### Base URL
 
@@ -517,15 +519,23 @@ curl -u "username:app-password" https://site.com/wp-json/wp-bnb/v1/bookings
 
 ### Rate Limiting
 
-When enabled, rate limits are applied per client (by user ID or IP address):
+When enabled, rate limits are applied per client (by user ID or IP address). Configure limits in **Settings → API → Rate Limits**.
 
-| Type | Limit | Applies To |
-| ---- | ----- | ---------- |
+**Default Limits:**
+
+| Type | Default | Applies To |
+| ---- | ------- | ---------- |
 | Public | 60/min | Room/building listings |
 | Availability | 30/min | Availability and calendar endpoints |
 | Booking | 10/min | Booking creation |
 | Admin | 120/min | All admin endpoints |
 
+**Configuration Options:**
+
+- **Time Window**: 10-300 seconds (default: 60 seconds)
+- **Per-endpoint limits**: Customize for each endpoint type
+- **Rate limiting toggle**: Enable/disable without losing settings
+
 Rate limit headers are included in responses:
 
 - `X-RateLimit-Limit`: Maximum requests allowed