Enforce per-user concurrency limit on server side.
Today we use a simple semaphore on server side to control the maximum number of file writes. It would be nice to deny requests over X simultaneous connections per uuid. This would help making sure each client gets a fair share of concurrency under this global limit and prevent DDoS from misconfigured clients.
If done, we need to make sure that client can handle
HTTP 429 - (Too many requests) response during retry, lowering it's own concurrency limit to match the server. Also expose the server limit on GET / to initialize properly, as we do with batching on traditional doc sync.