We should make it easier to use the Lagotto API, and drop the API key requirement. Only admin API calls and access to private sources should require authentication.
don't require API key for the v5 API. Closes #230.
handle xml routing errors. #230
use current_user API key. #230