Flask-login

-------------

Released on December 2nd, 2017

- New config option USE_SESSION_FOR_NEXT to enable storing next url in session
instead of url. 330
- Accept int seconds along with timedelta for REMEMBER_COOKIE_DURATION. 370
- New config option FORCE_HOST_FOR_REDIRECTS to force host for redirects. 371

-------------

Released on October 26th, 2016

- Fixes OPTIONS exemption from login. 244
- Fixes use of MD5 by replacing with SHA512. 264
- BREAKING: The `login_manager.token_handler` function, `get_auth_token` method
on the User class, and the `utils.make_secure_token` utility function have
been removed to prevent users from creating insecure auth implementations.
Use the `Alternative Tokens` example from the docs instead. 291

-------------

Released on October 8th, 2015

- Fixes Python 2.6 compatibility.
- Updates SESSION_KEYS to include "remember".

-------------

Released on September 30th, 2015

- Fixes removal of non-Flask-Login keys from session object when using 'strong'
protection.

-------------

Released on September 10th, 2015

- Fixes handling of X-Forward-For header.
- Update to use SHA512 instead of MD5 for session identifier creation.
- Fixes session creation for every view.
- BREAKING: UTC used to set cookie duration.
- BREAKING: Non-fresh logins now returns HTTP 401.
- Support unicode user IDs in cookie.
- Fixes user_logged_out signal invocation.
- Support for per-Blueprint login views.
- BREAKING: The `is_authenticated`, `is_active`, and `is_anonymous` members of
the user class are now properties, not methods. Applications should update
their user classes accordingly.
- Various other improvements including documentation and code clean up.

--------------

Released on May 19th, 2014

- Fixes missing request loader invocation when authorization header exists.