Currently, the rate limit for the web api is implemented with Django.
But due to a Varnish cache in production, this seems to interfere with that rate limit processing.
For instance, if you hit multiple times the same api url, the rate limit counter will not be
decremented due to the requested data being already in cache.
This leverages the question to move the rate limit processing in the Varnish layer [1]
Nevertheless, through Django the rate limit can be configured per endpoint and per
HTTP method through configuration. We should be able to offer the same features
if we decide to use Varnish for rate limiting.
[1] https://docs.varnish-software.com/policy-engine/filter/ratelimit/