3.7.1

In this release, we are no longer toggling the flask PROPAGATE_EXCEPTIONS = True setting in this extension. It was set in here initially to get things working with flask-restful, but setting a global flask option in here just so that it would work with another flask extension was a poor design choice.

Note that if you are using flask-restful (or possibly other extensions) and the error handlers stop working after this update, you will need to manually set the PROPAGATE_EXCEPTIONS setting in your configuration to keep everything working. Sorry all the inconvenience.

• Removed PROPAGATE_EXCEPTIONS setting from this extension
• Internal cleanup and refactoring

3.7.0

• @jwt_required (et al) no longer require authorization to be present on an OPTIONS request (#119)
• Add Add Werkzeug>=0.14 to install requirements (#115)

3.6.0

• Adds ability to use the samesite cookie attribute (#34, #113, #115). Requires Werkzeug >= 0.14. Thanks @farshiana!

3.5.1

• Exports get_csrf_token to the api (#112)

3.5.0

• Add ability to set the fresh argument when creating access tokens to a datetime.timedelta, which will cause the token to be marked as fresh from now until the timedelta is past (#107). Thanks @dunkmann00!

3.4.0

• Add ability to disable expires check for JWTs (#105 and #106). Thanks @beenje!

3.3.4

• Fix MANIFEST.in spelling, caused LICENSE file to not be properly included in pypi (#88)

3.3.3

• Previous test of 3.3.2 (for adding license file) caused pypi to not allow 3.3.2 to be reused, even though that release was nuked. Just incrementing the version number once more. See the 3.3.2 release notes

3.3.2

• Add ability to change user claims name in token (#92)
• Update unittest and convert test suite to pytest (#77)
• Allow get_jwt_identity (et al) to work in claims_verification_loader (#90)
• Dropped support for python 3.3 (#89)
• Add LICENSE file to the pypi package (#88)

3.3.1

• No longer returns the InvalidHeaderError handler if an authorization header appears in a different format then we expect in the @jwt_optional endpoint. (refs #82)