Feature/#171

[ronibhakta1]

Closes #171
This pull request introduces a PostgreSQL-backed cache and rate-limiting system to enable shared throttling across multiple Uvicorn workers, and applies this rate limiting to critical API endpoints. It also includes environment and deployment improvements, such as default worker configuration and a new CLI installer for local development.

Core features and improvements:

1. Shared PostgreSQL-backed cache and rate limiting

• Introduced a new lenny.core.cache module, providing a Cache class for storing cache entries and a RateGuard FastAPI dependency for IP-based rate limiting using the database. This replaces in-memory rate limiting, ensuring consistent throttling across all workers.
• Added a new Alembic migration to create an unlogged cache table with relevant indexes for efficient lookups and expiry.
• Registered the new cache model in Alembic's environment for migrations.

2. Application of rate limiting to authentication and API endpoints

• Updated lenny.core.auth.OTP to use the new shared cache for rate limiting OTP send and verify attempts, replacing the previous in-memory logic. [1] [2] [3] [4]
• Applied RateGuard as a dependency to the main API router (global limit), and to sensitive endpoints like /upload, /oauth/authorize, and /items/{book_id}/borrow with route-specific limits. [1] [2] [3] [4] [5] [6]

3. Deployment and configuration enhancements

• Defaulted the number of Uvicorn workers to 3 in production, with 1 in testing, across environment configs, shell scripts, and Dockerfile. [1] [2] [3]
• Bumped the application version to 0.1.4.

4. Developer experience improvements

• Added an installer to the configuration script for a local lenny CLI command, simplifying local development and common tasks.