Django-azure-auth

Added

- Add optional setting for Graph API `/me` URL.

Fixed

- Validates that the `next` path is a relative path to only allow redirects within the host domain.

Fixed

- Auth handler correctly removes users from Django groups when the ID token `roles` claim is empty.

Fixed

- Auth handler no longer assumes the user model includes `first_name` and `last_name` fields ([23](https://github.com/Weird-Sheep-Labs/django-azure-auth/issues/23)). This introduces a breaking change as these fields are no longer populated on the model by default.

Changed

- Optional AAD attributes to be retrieved can be specified in the settings ([11](https://github.com/Weird-Sheep-Labs/django-azure-auth/issues/11)).
- AAD attributes and ID token claims can be mapped to Django User model fields using a user-defined function ([23](https://github.com/Weird-Sheep-Labs/django-azure-auth/issues/23)).

Fixed

- Fixed login callback redirect bug caused by AAD `state` parameter being populated by Azure AD when empty ([30](https://github.com/Weird-Sheep-Labs/django-azure-auth/issues/30)).

Changed

- Change post-login redirect mechanism to use the AAD `state` parameter rather than the Django user session (28).
- Include the redirect functionality for decorator-protected views, not just middleware-protected views (28).