[ToDo] Website security on CSRF

[William-An]

What is this todo related to?

frontend backend

What is the todo?

Enforce CSRF checks on all unsafe HTTP methods, see here, use csrf_protect decorator

User system

1. [x] Login
2. [ ] Any other views related to user logins like password management

How urgent is the todo?

Before v1.0.0b

Additional context