CSRF Authenticity Token for POST requests

Deployed a security upgraded today that requires all POST requests to include an authenticity token. Forms can include this hidden field tag with {{ token_tag }}.