NPM dependency proxy: implement the download tgz endpoint

🔥 Problem

The NPM dependency proxy will require a new endpoint from which the tgz files are downloaded.

This is very similar to the Maven dependency proxy endpoint and care should be take around organizing the code.

In addition, re-use the advanced caching system that uses the ETag field to know if the file was updated on the remote registry.

Regarding authentication, copy what we have for the GitLab NPM package registry.

Regarding authorization, re-use what we have for the Maven dependency proxy.

🚒 Solution

• Implement projects/:id/dependency_proxy/packages/npm/*package_name/-/*file_name in its own class npm.rb
• Centralize all logic between the maven and npm dependency proxy endpoints.
• Centralize logic around the advanced caching.
• Gate the endpoint behind a feature flag.