AddCSRFProtection adds CSRF token into the user session via secure cookie, it implements "double submit cookie" approach to check against CSRF attacks https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet#Double_Submit_Cookie.

ExtractTokenFromCookie retrieves a CSRF token from the session cookie.

GenerateToken generates a random CSRF token.

VerifyFormField checks if HTTP form value matches the cookie.

VerifyHTTPHeader checks if HTTP header value matches the cookie.

VerifyToken validates given token based on HTTP request cookie.

CookieName is the name of the CSRF cookie.

FormFieldName is the default form field to inspect.

HeaderName is the default HTTP request header to inspect.