I have got Strapi (cms) authentication to work with JWT (httponly). Now I want to implement CSRF tokens to make it more secure. Strapi is based on koa. However I am struggling to find out how to implement this in strapi. I cannot find any resources on how to implement this in Strapi.
I did enable Samesite restriction for the JWT cookie, would this be sufficient for protection against CSRF?
Hopefully someone will be able to guide me in the right direction. Thanks in advance!