Bring back forgery protection with Rails internals

[hopsoft]

Re-introduces CSRF protection using Rails internal mechanics.

Opt-in to forgery protection like so.

TurboBoost::Commands.config.protect_from_forgery = true

Resolves #36
Resolves #132

[github-actions]

AppMap runtime code review

Summary	Status
Failed tests	✅ All tests passed
Security flaws	✅ None detected
Performance problems	✅ None detected
Code anti-patterns	✅ None detected
New AppMaps	0️⃣ No new AppMaps

Warnings occurred during analysis:

(apiDiff) Error comparing OpenAPI definitions: Validation errors in "base": Swagger schema validation failed. 
  Data does not match any schemas from 'oneOf' at #/paths//tests/get/responses/285
    Missing required property: description at #/paths//tests/get/responses/285
    Missing required property: $ref at #/paths//tests/get/responses/285
 
JSON_OBJECT_VALIDATION_FAILED