Added csrf tokens to all forms

src/ZfcUser/Form/ChangeEmail.php

@@ -58,6 +58,16 @@ public function __construct($name, AuthenticationOptionsInterface $options)
             ),
         ));
 
+        $this->add([
+            'type' => '\Zend\Form\Element\Csrf',
+            'name' => 'security',
+            'options' => [
+                'csrf_options' => [
+                    'timeout' => $this->getAuthenticationOptions()->getLoginFormTimeout()
+                ]
+            ]
+        ]);
+
         $this->add(array(
             'name' => 'submit',
             'attributes' => array(

src/ZfcUser/Form/ChangePassword.php

@@ -59,6 +59,16 @@ public function __construct($name, AuthenticationOptionsInterface $options)
             ),
         ));
 
+        $this->add([
+            'type' => '\Zend\Form\Element\Csrf',
+            'name' => 'security',
+            'options' => [
+                'csrf_options' => [
+                    'timeout' => $this->getAuthenticationOptions()->getLoginFormTimeout()
+                ]
+            ]
+        ]);
+
         $this->add(array(
             'name' => 'submit',
             'attributes' => array(

src/ZfcUser/Form/Login.php

@@ -56,6 +56,16 @@ public function __construct($name, AuthenticationOptionsInterface $options)
         //$csrf->getValidator()->setTimeout($options->getLoginFormTimeout());
         //$this->add($csrf);
 
+        $this->add([
+            'type' => '\Zend\Form\Element\Csrf',
+            'name' => 'security',
+            'options' => [
+                'csrf_options' => [
+                    'timeout' => $this->getAuthenticationOptions()->getLoginFormTimeout()
+                ]
+            ]
+        ]);
+
         $submitElement = new Element\Button('submit');
         $submitElement
             ->setLabel('Sign In')

src/ZfcUser/Form/Register.php

@@ -24,6 +24,16 @@ public function __construct($name, RegistrationOptionsInterface $options)
 
         parent::__construct($name);
 
+        $this->add([
+            'type' => '\Zend\Form\Element\Csrf',
+            'name' => 'security',
+            'options' => [
+                'csrf_options' => [
+                    'timeout' => $this->getRegistrationOptions()->getUserFormTimeout()
+                ]
+            ]
+        ]);
+
         if ($this->getRegistrationOptions()->getUseRegistrationFormCaptcha()) {
             $this->add(array(
                 'name' => 'captcha',

tests/ZfcUserTest/Form/ChangeEmailTest.php

@@ -21,6 +21,7 @@ public function testConstruct()
         $this->assertArrayHasKey('newIdentity', $elements);
         $this->assertArrayHasKey('newIdentityVerify', $elements);
         $this->assertArrayHasKey('credential', $elements);
+        $this->assertArrayHasKey('security', $elements);
     }
 
     /**

tests/ZfcUserTest/Form/ChangePasswordTest.php

@@ -21,6 +21,7 @@ public function testConstruct()
         $this->assertArrayHasKey('credential', $elements);
         $this->assertArrayHasKey('newCredential', $elements);
         $this->assertArrayHasKey('newCredentialVerify', $elements);
+        $this->assertArrayHasKey('security', $elements);
     }
 
     /**

tests/ZfcUserTest/Form/LoginTest.php

@@ -23,6 +23,8 @@ public function testConstruct($authIdentityFields = array())
 
         $this->assertArrayHasKey('identity', $elements);
         $this->assertArrayHasKey('credential', $elements);
+        $this->assertArrayHasKey('security', $elements);
+
 
         $expectedLabel="";
         if (count($authIdentityFields) > 0) {

tests/ZfcUserTest/Form/RegisterTest.php

@@ -39,6 +39,8 @@ public function testConstruct($useCaptcha = false)
         $this->assertArrayHasKey('email', $elements);
         $this->assertArrayHasKey('password', $elements);
         $this->assertArrayHasKey('passwordVerify', $elements);
+        $this->assertArrayHasKey('security', $elements);
+
     }
 
     public function providerTestConstruct()