Fetch and send CSRF token on every request

[mendaomn]

Description

This PR implements the Double Submit Cookie strategy on the frontend to prevent CSRF attacks.

Changes

• fetch token via GET /csrf on application start
• set the X-CSRF-Token header for every subsequent request

How Has This Been Tested?

• unit tests
• manually

References

• Double Submit Cookie

PR Quality Checklist

• [x] I added tests to new or existing code
• [ ] I removed hardcoded strings and used our i18n solution instead (see here)
• [x] I made sure no sensitive info gets logged at any time in the codebase (see here) (e.g. no user info or details, no stacktraces, etc.)
• [ ] I checked that infrastructure/update_infrastructure.sh runs without any error
• [x] I checked that npm run build builds without any error
• [x] I checked that clusters are listed correctly
• [ ] I checked that a new cluster can be created (config is produced and dry run passes)
• [ ] I checked that login and logout work as expected

In order to increase the likelihood of your contribution being accepted, please make sure you have read both the Contributing Guidelines and the Project Guidelines

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.