feat: use csrf protection

server/src/server.ts

@@ -4,10 +4,14 @@ import cors from 'cors';
 import 'dotenv/config';
 import { record, workflow, storage, auth, integration } from './routes';
 import { BrowserPool } from "./browser-management/classes/BrowserPool";
-import logger from './logger'
+import logger from './logger';
+import cookieParser from 'cookie-parser';
+import csrf from 'csurf';
 import { SERVER_PORT } from "./constants/config";
 import { Server } from "socket.io";
 
+const csrfProtection = csrf({ cookie: true })
+
 const app = express();
 app.use(cors());
 app.use(express.json());
@@ -25,6 +29,9 @@ export const io = new Server(server);
  */
 export const browserPool = new BrowserPool();
 
+
+app.use(csrfProtection)
+
 app.use('/record', record);
 app.use('/workflow', workflow);
 app.use('/storage', storage);