Feature #97305
Updated by Oliver Hader about 2 years ago
see https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#login-csrf
Future topics after PS25 (https://review.typo3.org/c/Packages/TYPO3.CMS/+/74183/25) in separate patch:
* maybe reuse @Nonce@ cookie?
* @AbstractUserAuth@ event handling tokens
* Extbase generic handling
* @RequestToken->consumed@ property