Disabling CSRF is a security risk - and not needed

[ashb]

The RBAC UI for Airflow uses a different instance of the CSRF protection, so we need to import both decorators to be CSRF exempt when under RBAC UI.

Closes #73 and likely fixes #72 too

[kaxil]

cc @prakshalj0512 @rssanders3

[prakshalj0512]

@kaxil Are these changes compatible with Airflow 1.8 and 1.9 as well?

[ashb]

Yes, the except ImportError block should take care of it

[ashb]

@prakshalj0512 Ping. Please can you either fix this security issue and release a new version, or mark this repo as abandoned and place a prominent notice at the top of the readme?