Migrate CSRF, web templates, session cookies, and snapshot to mcdsl

CSRF: Replace local csrfProtect with mcdsl/csrf.Protect. Delete
internal/webserver/csrf.go.

Web: Replace renderTemplate with web.RenderTemplate + csrf.TemplateFunc.
Replace extractCookie with web.GetSessionToken. Replace manual session
cookie SetCookie with web.SetSessionCookie.

Snapshot: Replace local sqliteBackup with mcdsl/db.Snapshot.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

cmd/metacrypt/snapshot.go

@@ -1,12 +1,11 @@
 package main
 
 import (
-	"database/sql"
 	"fmt"
-	"os"
 
 	"github.com/spf13/cobra"
 
+	mcdsldb "git.wntrmute.dev/kyle/mcdsl/db"
 	"git.wntrmute.dev/kyle/metacrypt/internal/config"
 	"git.wntrmute.dev/kyle/metacrypt/internal/db"
 )
@@ -42,17 +41,9 @@ func runSnapshot(cmd *cobra.Command, args []string) error {
 	}
 	defer func() { _ = database.Close() }()
 
-	if err := sqliteBackup(database, snapshotOutput); err != nil {
+	if err := mcdsldb.Snapshot(database, snapshotOutput); err != nil {
 		return err
 	}
 	fmt.Printf("Snapshot saved to %s\n", snapshotOutput)
 	return nil
 }
-
-func sqliteBackup(srcDB *sql.DB, dstPath string) error {
-	_, err := srcDB.Exec("VACUUM INTO ?", dstPath)
-	if err != nil {
-		return fmt.Errorf("snapshot: %w", err)
-	}
-	return os.Chmod(dstPath, 0600)
-}