feat(webui): add csrf tokens to all forms processing code

Closes #60

pkg/webui/accountsIdResetPassword.go

@@ -1,6 +1,7 @@
 package webui
 
 import (
+	"fmt"
 	"html/template"
 	"net/http"
 
@@ -66,6 +67,14 @@ func handleAccountsIdResetPasswordPOST(db *database.DB) http.Handler {
 		if account == nil {
 			return
 		}
+		if err := r.ParseForm(); err != nil {
+			errorResponse(w, r, http.StatusBadRequest,
+				fmt.Errorf("failed to parse form: %w", err))
+			return
+		}
+		if !verifyCSRFToken(w, r) {
+			return
+		}
 		password := r.FormValue("password")
 		if len(password) < 8 {
 			errorResponse(w, r, http.StatusBadRequest, nil)