Enable forgery protection in ActionController

We were manually adding forgery protection to all our controllers, but
in Rails 5.2 there's an option (enabled by default for new applications)
which adds this protection to all controllers.

app/controllers/management/sessions_controller.rb

@@ -4,7 +4,6 @@ class Management::SessionsController < ActionController::Base
   include GlobalizeFallbacks
   include AccessDeniedHandler
   default_form_builder ConsulFormBuilder
-  protect_from_forgery with: :exception
 
   def create
     destroy_session