Implement CSRF Token Validation for SecretSanta Login Form

[dreadwarrior]

Example:

\TYPO3\CMS\Core\FormProtection\FormProtectionFactory::get()
    ->validateToken(
        GeneralUtility::_GP('csrfToken'), 
        'formName', 
        'action'
    )

[dreadwarrior]

See

• https://security.stackexchange.com/questions/59411/how-to-protect-against-login-csrf
• https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet#Double_Submit_Cookies
• symfony/symfony#13464 (comment)

[dreadwarrior]

The Google ReCaptcha protects the login form. Wont fix this time...