* Fixes a bug where missing JWTs were not being handled gracefully, introduced in version 3.23.0 (282)
3.24.0
* Adds the ability to add custom data to the JWT headers via the `headers` kwarg when making new tokens or via the `jwt_manager.additional_headers_loader` decorator. These headers can be accessed in your endpoints via the `get_raw_jwt_header` function. Thanks iamajay for this feature! (271)
3.23.0
* Make header reading compliant with RFC7230, section 3.2.2 (270). Thanks Croug!
3.22.0
* Adds ability to check CSRF double submit token from form data instead of headers (269). Thanks colevscode!
3.21.0
* Require flask 1.0 or greater (263) * Move docs to pallets-sphinx-themes (261) * Add a new `JWT_DECODE_ISSUER` option for use with other JWT providers (259) * Gracefully handle errors for malformed tokens (246)
3.20.0
* Look for JWTs in the same order that they are defined in `JWT_TOKEN_LOCATION`. Thanks stephendwolff!(256)