I’m working on a project with React as the frontend and Dolittle as the backend, following cookie-based authentication. The issue with using cookies is that they are sent with every request to the server; this way, another malicious site can run a POST request to our website to change the state or access sensitive data.
The most widely known solution is to implement an antiForgery token, which generates a random token for every POST request to ensure the request comes from a verified site.
For this type of issue, we are only concerned with commands; thus these are POST requests, which are vulnerable to CSRF attacks because they change the state of the system.
In order to prevent CSRF attacks, every incoming POST request must consist of an antiForgery token. How can this be implemented using the CommandCoordinator class in the frontend?
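
The token check described in the question, as an added example that is not part of the original post and is not Dolittle or CommandCoordinator code: a signed double-submit token that the server issues in a cookie, the frontend copies into a header on every command POST, and the server verifies against the session. The cookie name, header name, session id argument and function names are all assumptions made for illustration.

```javascript
// Added example (not Dolittle code): signed double-submit anti-forgery token.
const crypto = require('crypto');

const CSRF_COOKIE = 'XSRF-TOKEN';      // assumed name; cookie must be readable by JS
const CSRF_HEADER = 'x-xsrf-token';    // assumed name
const SECRET = crypto.randomBytes(32); // server-side key, constructed per process here

const mac = (sessionId, nonce) =>
  crypto.createHmac('sha256', SECRET).update(`${sessionId}!${nonce}`).digest('hex');

// Server: issue a token bound to the authenticated session.
function issueToken(sessionId) {
  const nonce = crypto.randomBytes(16).toString('hex');
  return `${nonce}.${mac(sessionId, nonce)}`;
}

function readCookie(cookieString, name) {
  for (const part of (cookieString || '').split(';')) {
    const idx = part.indexOf('=');
    if (idx > 0 && part.slice(0, idx).trim() === name) return part.slice(idx + 1).trim();
  }
  return null;
}

// Browser: options for fetch() when posting a command. A cross-site page can
// make the browser send the cookie but cannot read it to fill in the header.
function buildCommandRequest(cookieString, command) {
  return {
    method: 'POST',
    credentials: 'same-origin',
    headers: {
      'Content-Type': 'application/json',
      [CSRF_HEADER]: readCookie(cookieString, CSRF_COOKIE) || '',
    },
    body: JSON.stringify(command),
  };
}

// Server: accept a POST only if header == cookie and the MAC fits this session.
function isValidCommandPost(sessionId, headers) {
  const header = headers[CSRF_HEADER] || '';
  const cookie = readCookie(headers.cookie, CSRF_COOKIE) || '';
  const [nonce, tag] = header.split('.');
  if (!nonce || !tag || header !== cookie) return false;
  const expected = Buffer.from(mac(sessionId, nonce));
  const given = Buffer.from(tag);
  return given.length === expected.length && crypto.timingSafeEqual(given, expected);
}
```

In the browser, `buildCommandRequest(document.cookie, command)` would supply the options for `fetch`; how to hook that into CommandCoordinator is not shown here.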