[SECURITY] Add CSRF Protection

## Objective
Implement CSRF protection for state-changing requests.

## Implementation
```go
import "github.com/utrack/gin-csrf"

router.Use(csrf.Middleware(csrf.Options{
    Secret: "secret-key",
    ErrorFunc: func(c *gin.Context) {
        c.AbortWithStatus(403)
    },
}))
```

## Acceptance Criteria
- [ ] CSRF tokens required for POST/PUT/DELETE
- [ ] Tokens in cookies or headers
- [ ] UI updated to send tokens
- [ ] Tests pass

## Files
- `api/internal/middleware/csrf.go` (NEW)
- `ui/src/api/client.ts` (update)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[SECURITY] Add CSRF Protection #167

Objective

Implementation

Acceptance Criteria

Files

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

[SECURITY] Add CSRF Protection #167

Description

Objective

Implementation

Acceptance Criteria

Files

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions