perf: Don't fetch user on every request for licensing check

Created by: eseliger

On every API request, we run a hook to enforce that a valid license is configured to lock out users if that isn't the case. We need to make one exception, though: Site admins must still be able to talk to Sourcegraph so they can configure the license.

In case we got a valid license, we don't need to do anything here, though. However, previously we always fetched the user to check the site admin status. Now, after a bit of reshuffling, we only need to do that if the license is actually expired or invalid. This saves one DB query on every API request on the critical path, as long as they have a valid license (99.9% of cases, 100% on dotcom[hopefully, lol]).