- allow a list of parameters to object perms. - improve MFA demo with actual random code and time-based OTP. - improve documentation, including separating the backlog. - extend OTP validation window to 1.
35.1
- fix issue when executing special parameter with special parameters under a route with other type of parameters… - reject special parameters with a default value.
35.0
- add password scheme `fsa:otp` to support time-based OTP with [pyauth totp](https://pyauth.github.io/pyotp/). - allow special parameters hooks to require special parameter parameters. - add `FSA_ALLOW_DEPRECATION` configuration directive to control whether deprecated features are allowed. - deprecate old ANY/ALL/NONE authorizations. - deprecate authorize/auth decorator parameters in favor of authz/authn. - switch doc and code to prefer `authz` and `authn` over `authorize` and `auth`. - reject `CurrentUser` access on `OPEN` route. - improve doc.
34.3
- improve resilience of post request handler, again
34.2
- improve `current_user` resilience.
34.1
- add `FSA_JSON_ALLSTR` to cast values with `str` when in doubt.