Fix CSRF not showing the token

config/packages/csrf.yaml

@@ -0,0 +1,11 @@
+# Enable stateless CSRF protection for forms and logins/logouts
+framework:
+    form:
+        csrf_protection:
+            token_id: submit
+
+    csrf_protection:
+        stateless_token_ids:
+            - submit
+            - authenticate
+            - logout

config/packages/framework.yaml

@@ -1,7 +1,7 @@
 # see https://symfony.com/doc/current/reference/configuration/framework.html
 framework:
-    secret: '%env(APP_SECRET)%'
-    #csrf_protection: true
+  secret: "%env(APP_SECRET)%"
+  csrf_protection: true
 
   # Note that the session will be started ONLY if you read or write from it.
   session: true