[Vue.js] How to prevent csrf attack if jwt token stored in cookie with httponly in laravel and Vue spa?