Authenticate incoming requests
The proxy now discards the incoming Private-Token and uses the stored token instead. This means that if this proxy is for some reason exposed, attackers gain access to GitLab using the stored tokens.
I think a better security model is to require the incoming token to match the stored user token, and only then forward the request either with the original token, or the admin token.
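One way to implement the check proposed above, as an added example that is not part of the original post or the project's code. The function name, its parameters, the `needs_admin` switch and the token values are assumptions made for illustration.

```python
import hmac
from typing import Dict, Mapping, Optional


class Unauthorized(Exception):
    """The incoming Private-Token is missing or does not match the stored one."""


def _get_header(headers: Mapping[str, str], name: str) -> Optional[str]:
    # HTTP header names are case-insensitive.
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def authorize_and_rewrite(
    headers: Mapping[str, str],
    stored_user_token: str,
    admin_token: Optional[str] = None,
    needs_admin: bool = False,  # hypothetical per-route switch
) -> Dict[str, str]:
    """Return the headers to forward upstream, or raise Unauthorized."""
    presented = _get_header(headers, "Private-Token")

    # Fail closed: an absent header or an empty stored token never matches,
    # so an unconfigured user cannot be reached with an empty token.
    if not presented or not stored_user_token:
        raise Unauthorized("missing token")

    # Constant-time comparison avoids leaking how many characters matched.
    if not hmac.compare_digest(presented.encode(), stored_user_token.encode()):
        raise Unauthorized("token mismatch")

    # Only after a match is a stored credential used on the caller's behalf.
    upstream = admin_token if needs_admin else presented
    if not upstream:
        raise Unauthorized("no admin token configured")

    # Drop every spelling of the incoming header before setting the one
    # that goes upstream, so two conflicting values are never forwarded.
    forwarded = {k: v for k, v in headers.items() if k.lower() != "private-token"}
    forwarded["Private-Token"] = upstream
    return forwarded
```

The proxy would answer 401 on `Unauthorized` instead of forwarding, so an exposed proxy no longer lends its stored tokens to unauthenticated callers.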