Fix/issue 2358 bounded lru captcha#2365

Open
Prateek2007-cmd wants to merge 4 commits into janavipandole:main from Prateek2007-cmd:fix/issue-2358-bounded-lru-captcha
Conversation

@Prateek2007-cmd

Contributor

Description

Resolves Issue #2358 (Unbounded Memory Leak in Captcha Tracking).

The /api/auth/login endpoint utilized an unbounded global Python dictionary (failed_login_attempts) to track failed authentication requests. Because entries were only purged upon a successful login, a distributed botnet firing random email payloads could cause the dictionary footprint to expand infinitely, eventually starving the host environment of memory and crashing the service (DoS).

This PR mitigates the architectural vulnerability by implementing a robust, self-cleaning caching layer.

Changes Made

  • LRU Cache Implementation: Upgraded the standard dictionary to an OrderedDict to take advantage of O(1) .move_to_end() and .popitem(last=False) operations.
  • Memory Bounds Enforcement: Established a strict upper limit of 1000 concurrent tracked emails. If the threshold is breached, the oldest tracked IP/email combination is dynamically purged, capping memory consumption effectively without degrading valid user UX.

Type of Change

  • Security Fix
  • Performance Optimization
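
An added example of the bounded LRU tracker the description outlines (not the PR's own code): an OrderedDict keyed by email, `move_to_end()` on each hit and `popitem(last=False)` once the 1000-entry cap is exceeded. The class name, the method names, the captcha threshold and the flood simulation are assumptions for illustration.

```python
from collections import OrderedDict

MAX_TRACKED = 1000        # cap stated in the PR description
CAPTCHA_THRESHOLD = 5     # assumed: failures before a captcha is demanded


class BoundedFailedLoginTracker:
    """LRU-bounded map of email -> failed-attempt count (assumed design)."""

    def __init__(self, max_tracked=MAX_TRACKED, threshold=CAPTCHA_THRESHOLD):
        self.max_tracked = max_tracked
        self.threshold = threshold
        self._attempts = OrderedDict()

    def record_failure(self, email):
        """Count one failed login for `email`; returns the updated count."""
        count = self._attempts.get(email, 0) + 1
        self._attempts[email] = count
        # A hit makes this key the most recently used one.
        self._attempts.move_to_end(email)
        # Enforce the memory bound: drop least-recently-used keys first.
        while len(self._attempts) > self.max_tracked:
            self._attempts.popitem(last=False)
        return count

    def record_success(self, email):
        """Successful login purges the counter, as the original code did."""
        self._attempts.pop(email, None)

    def captcha_required(self, email):
        return self._attempts.get(email, 0) >= self.threshold

    def tracked(self):
        """Number of emails currently held; never exceeds max_tracked."""
        return len(self._attempts)


def simulate_flood(tracker, distinct_emails):
    """Constructed scenario from the issue: many random emails, each failing
    once. Returns how many entries remain tracked after the flood."""
    for i in range(distinct_emails):
        tracker.record_failure(f"bot{i}@example.invalid")
    return tracker.tracked()


if __name__ == "__main__":
    t = BoundedFailedLoginTracker()
    print("tracked after 5000 distinct failures:", simulate_flood(t, 5000))
```

Eviction is also a reset: once more than `max_tracked` distinct emails fail, a legitimate account's counter can be evicted before it reaches the threshold, so the cap is best paired with per-IP rate limiting rather than relied on alone.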

@vercel

vercel Bot commented Jun 20, 2026


@Prateek2007-cmd is attempting to deploy a commit to the janavipandole's projects Team on Vercel.

A member of the Team first needs to authorize it.
