tests: prepare for adding CSRF protection on login forms CSRF is about avoiding abuse of credentials by doing things in existing sessions. The login form does not have any previous credentials, so there is nothing to abuse and no real need for CSRF protection. But there is still an unauth session, so we *can* have CSRF protection. CSRF protection is currently in LoginRequired (which obviously isn't applied to the login form), but let's prepare for changing that.

pytest >= 3.3.0, < 3.8
pytest-runner < 4.3
pytest-sugar >= 0.7.0, < 0.10
pytest-benchmark < 3.2
pytest-localserver < 0.5
mock < 2.1
Sphinx < 1.8
WebTest < 2.1