Implement basic rate limiting

[chrisfree]

To ensure performance for all users and limit the load put on the server (and thus potential costs), the new API should include basic rate limiting.

It is currently estimated that production Ergast serves roughly 3M requests per month. Ergot's terms of services also state a rate limit of 4/second but this is not actually enforced.

[theOehrly]

Just for confirmation, I searched through my emails again

Typically 3M requests per month and perhaps a peak of 4 requests per second.

And the current terms of service

You must not create any application which polls the API more than four times per second or more than 200 times per hour.

Rate limits should be enforced in some way nowadays, I was told. But I don't think these exact limits are enforced.

[jolpica]

Going to implement this using django_ratelimit https://django-ratelimit.readthedocs.io/en/stable/

However as specified in the documentation, this requires a cache backend. So while implementing that we'll gain some request cacheing also.

[jolpica]

Implemented in #40 for unauthenticated users 4/second or 500/hour requests are allowed. 500 per hour will likely come down to 200/hour to align with ergast once #32 implemented