- Removes option identity_lookup kwarg in `create_access_token()` function, introduced in 0.0.7. Now uses the decorator `jwt.user_identity_loader` to perform this functionality. This is a breaking change.
0.0.7
- create_access_token() now defaults to non-fresh tokens - Adds a help method for logging out when using cookies to store the JWTs: unset_jwt_cookies() - Allows passing complex objects into the create_access_token() function, to prevent unnecessary duplicate disk lookups. See 11
0.0.6
- Fixes jwt_required (et al) decorators to work with flask-restless (and probably other frameworks as well)
0.0.5
- Better examples for common use cases - Unify cookie API's (breaking change, set_refresh_cookie is now set_refresh_cookies)
0.0.4
- Fix csrf cookie paths, so javascript outside of that path can still access the csrf token.
0.0.3
- Adds support for storing JWTs in cookies, and CSRF protection - Adds readthedoc documentation (thanks rlam3)