Both of the other answers here assume that multiple files are sent with a single request. That is not true with Fine Uploader. Each file is sent in a separate request.
As you mentioned, Fine Uploader already handles this client-side with the validation.itemLimit
option. If you want to add a server-side check as well, you'll need to ensure some user data, such as an ID, is passed with each request. This way, you can limit a specific user to a set number of files. You should already have some sort of a cookie set that allows your server to match a request to a specific user. This cookie will be passed, by default, with each request.