backport mix phx.gen.auth security improvement

Author: goncalotomas

lib/galaxies_web/live/player_settings_live.ex

@@ -68,7 +68,7 @@ defmodule GalaxiesWeb.PlayerSettingsLive do
           <input
             name={@password_form[:email].name}
             type="hidden"
-            id="hidden_players_email"
+            id="hidden_player_email"
             value={@current_email}
           />
           <.input field={@password_form[:password]} type="password" label="New password" required />

lib/galaxies_web/player_auth.ex

@@ -60,6 +60,8 @@ defmodule GalaxiesWeb.PlayerAuth do
   #     end
   #
   defp renew_session(conn) do
+    delete_csrf_token()
+
     conn
     |> configure_session(renew: true)
     |> clear_session()