
Limit registration attempts to one per 8 hours.

Antoine Albertelli requested to merge ratelimit into master

Woke up this morning to a lot of spam on our registration form. While this is not a big deal for the website (we don't allow login until manually reviewed), it kind of defeats the purpose of the self-registration by giving us extra work for review instead of streamlining the process. I also noticed that a lot of the spam was trying to find SQL injection issues, which should not happen, but could.

This commit adds a first layer of defense against these registration attempts by limiting the rate at which we allow registrations to once every 8 hours. Probably something smarter would be good, maybe involving captcha or email validation, but this is a good first step.

The last registration attempt is stored in the cache, since this does not require very accurate timing; it is not a big deal if we allow one extra registration when restarting the container. This gives us expiration of keys for free, and avoids cluttering backups.
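The following is an added illustration of the cache-based rate limit described above; it is not code from this merge request or from the project. It assumes a cache with the usual get/add-with-timeout semantics (modelled here by a small in-memory `TTLCache` stand-in; the names `try_register`, `CACHE_KEY` and `REGISTRATION_WINDOW_SECONDS` are hypothetical). Two points a reviewer would want to see: the timestamp is written with an atomic "add if absent" rather than a get-then-set, so two concurrent submissions cannot both slip through, and a rejected attempt does not refresh the key, so a spammer hammering the form cannot keep the door shut for everyone else indefinitely. Losing the cache (container restart) simply allows one extra registration, as the description accepts.

```python
import time

# Window described in the merge request: one accepted registration per 8 hours.
REGISTRATION_WINDOW_SECONDS = 8 * 60 * 60
# Hypothetical cache key holding the timestamp of the last accepted attempt.
CACHE_KEY = "registration:last_accepted"


class TTLCache:
    """Constructed stand-in for a framework cache with per-key expiry.

    Only the two operations the rate limit needs are modelled: get() and an
    atomic add() that stores a value only if the key is absent or expired.
    A real deployment would use the application's shared cache instead.
    """

    def __init__(self, clock=time.time):
        self._clock = clock
        self._store = {}  # key -> (value, expires_at)

    def get(self, key):
        item = self._store.get(key)
        if item is None:
            return None
        value, expires_at = item
        if self._clock() >= expires_at:
            # Expired keys are dropped lazily, so nothing accumulates in backups.
            del self._store[key]
            return None
        return value

    def add(self, key, value, timeout):
        """Set key only if it is absent; returns True on success."""
        if self.get(key) is not None:
            return False
        self._store[key] = (value, self._clock() + timeout)
        return True


def try_register(cache, form_data, clock=time.time):
    """Apply the global rate limit before processing a registration.

    Returns (accepted, reason). The key is written with add(), so only an
    accepted attempt starts the 8 hour window; rejected attempts leave the
    existing expiry untouched.
    """
    if not cache.add(CACHE_KEY, clock(), REGISTRATION_WINDOW_SECONDS):
        return False, "rate_limited"
    # At this point the real view would validate form_data and create the
    # pending account that still awaits manual review.
    return True, "queued_for_review"


class FakeClock:
    """Controllable clock (constructed) so the expiry can be exercised offline."""

    def __init__(self, now=0.0):
        self.now = now

    def __call__(self):
        return self.now


if __name__ == "__main__":
    clock = FakeClock(1_700_000_000.0)
    cache = TTLCache(clock=clock)
    print(try_register(cache, {"email": "first@example.org"}, clock))   # accepted
    print(try_register(cache, {"email": "second@example.org"}, clock))  # rate limited
    clock.now += REGISTRATION_WINDOW_SECONDS
    print(try_register(cache, {"email": "third@example.org"}, clock))   # accepted again
```

With the real application cache, the `add` call maps onto the cache backend's "set if not exists" primitive; a plain `get` followed by `set` would let two requests arriving in the same instant both pass the check.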
