- Added `SECURITY_DEFAULT_REMEMBER_ME` configuration value to unify behavior between endpoints - Fixed Flask-Login dependency problem - Added optional `next` parameter to registration endpoint, similar to that of login
1.6.3
-------------
Released May 8th 2013
- Fixed bug in regards to imports with latest version of MongoEngine
1.6.2
-------------
Released April 4th 2013
- Fixed bug with http basic auth
1.6.1
-------------
Released April 3rd 2013
- Fixed bug with signals
1.6.0
-------------
Released March 13th 2013
- Added Flask-Pewee support - Password hashing is now more flexible and can be changed to a different type at will - Flask-Login messages are configurable - AJAX requests must now send a CSRF token for security reasons - Form messages are now configurable - Forms can now be extended with more fields - Added change password endpoint - Added the user to the request context when successfully authenticated via http basic and token auth - The Flask-Security blueprint subdomain is now configurable - Redirects to other domains are now not allowed during requests that may redirect - Template paths can be configured - The welcome/register email can now optionally be sent to the user - Passwords can now contain non-latin characters - Fixed a bug when confirming an account but the account has been deleted
1.5.4
-------------
Released January 6th 2013
- Fix bug in forms with `csrf_enabled` parameter not accounting attempts to login using JSON data