CSRF protection

[calebmer]

Look into adding CSRF protection.

https://en.wikipedia.org/wiki/Cross-site_request_forgery