I think it would be a good idea to implement CSRF on every form that could be used in the site (login & registration for starters). How could we approach this?
Something simple and custom made like this or this.
Or we go the bundle route and add something like symfony/security-csrf
.