What is the best practice when it comes to CSRF token expiration?
Say a user is visiting a page (Jinja template) with a form, but tries to submit says form only n hours l
