If you make use of a hidden anti-forgery token in your form (as you should), you can cache the anti-forgery token on first submit and remove the token from cache if required, or expire the cached entry after set amount of time.
You will then be able to check with each request against the cache whether the specific form has been submitted and reject it if it has.
You don't need to generate your own GUID as this is already being done when generating the anti-forgery token.
UPDATE
When designing your solution, please keep in mind that each request will be processed asynchronously in its own separate thread, or perhaps even on entirely different servers / app instances.
As such, it is entirely possible that multiple requests (threads) can be processed even before the first cache entry is made. To get around this, implement the cache as a queue. On each submit(post request), write the machine name / id and thread id to the cache, along with the anti-forgery token... delay for a couple of milliseconds, and then check whether the oldest entry in cache/queue for that anti-forgery token corresponds.
In addition, all running instances must be able to access the cache (shared cache).
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…