* Make header reading compliant with RFC7230, section 3.2.2 (270). Thanks Croug!
3.22.0
* Adds ability to check CSRF double submit token from form data instead of headers (269). Thanks colevscode!
3.21.0
* Require flask 1.0 or greater (263) * Move docs to pallets-sphinx-themes (261) * Add a new `JWT_DECODE_ISSUER` option for use with other JWT providers (259) * Gracefully handle errors for malformed tokens (246)
3.20.0
* Look for JWTs in the same order that they are defined in `JWT_TOKEN_LOCATION`. Thanks stephendwolff!(256)
3.19.0
* Adds support for using multiple algorithms for decoding JWTs. Thanks Darkheir! (254)
3.18.2
* Fix `JWT_SESSION_COOKIE = False` creating a cookie that was too long in the future for some browsers (243). Thanks allen-cook!