Simple tinyhttp app using Malibu as the CSRF middleware
tinyhttp new malibunode index.jsGET / will return CSRF token in form of { "token": "csrf token" }
POST / will do everything else, but it's protected with CSRF token.
curl --header 'csrf-token: csrf_token_from_get_request' --request POST http://localhost:3000/