Support custom CSRF_COOKIE_NAME in front-end

Right now `csrftoken` is hardcoded (https://github.com/rdmorganiser/rdmo/blob/main/rdmo/core/static/core/js/core.js#L6), in the new front-end this should be taken from `settings.CSRF_COOKIE_NAME` and `settings.CSRF_HEADER_NAME`.