diff --git a/internal/middleware/csrf.go b/internal/middleware/csrf.go
index 9107624..11c4f53 100644
--- a/internal/middleware/csrf.go
+++ b/internal/middleware/csrf.go
@@ -13,9 +13,9 @@ import (
 // CSRF is a middleware generator that enforces CSRF tokens on all POST requests.
 func CSRF(onError func(http.ResponseWriter, *http.Request, string)) negroni.HandlerFunc {
 middleware := func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+ session := sessions.Get(r)
+ token := GenerateCSRFToken(w, r, session)
 if r.Method == "POST" {
- session := sessions.Get(r)
- token := GenerateCSRFToken(w, r, session)
 if token != r.FormValue("_csrf") {
 log.Error("CSRF Mismatch: expected %s, got %s", r.FormValue("_csrf"), token)
 onError(w, r, "Failed to validate CSRF token. Please try your request again.")
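Review bot: The mismatch branch writes the session's valid CSRF token to the error log, and the `log.Error` arguments are swapped, so "expected" prints the submitted `_csrf` value and "got" prints the real token. The token is a secret and the submitted value is client-controlled, so I would log neither, e.g. `log.Error("CSRF mismatch on %s %q", r.Method, r.URL.Path)`. The check `token != r.FormValue("_csrf")` is not constant-time, and it would accept a request with no `_csrf` field if `GenerateCSRFToken` can ever return an empty string (its body is not visible here); `if token == "" || subtle.ConstantTimeCompare([]byte(token), []byte(r.FormValue("_csrf"))) != 1 {` with `crypto/subtle` imported covers both. Only `POST` is enforced, so any PUT, PATCH or DELETE routes behind this middleware would pass unchecked; the body of `CSRF` continues past the end of the hunk.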