v1.2.0

• Changed potentially misleading error message by @skolsuper. #59
• Added JWT_RESPONSE_PAYLOAD_HANDLER by @erichonkanen. #62
• Fixed user import problem for custom users by @cenkbircanoglu. #70
• Added translation utils by @migonzalvar. #68

Thanks to all that contributed to make this release happen.

v1.1.1

Fixes #52

v1.1.0

Support for Django REST Framework v3.0

1.0.2

Fixes #40.

Special thanks to @caffodian, @Epicowl, and @vforgione.

Version 1.0.1

Support for the just released Django 1.7

v1.0.0

I've just released v1.0.0 to PyPI. This release should not introduce any breaking changes but made sense the package's major version was correctly incremented.

This introduces one new feature: Refresh Tokens. This feature was introduced in PR #23 by @alvinchow86 and also introduces some fixes by @liamlin.

A typical use case for might be a web app where you'd like to keep the user "logged in" the site without having to re-enter their password, or get kicked out by surprise before their token expired. Imagine they had a 1-hour token and are just at the last minute while they're still doing something. With mobile you could perhaps store the username/password to get a new token, but this is not a great idea in a browser. Each time the user loads the page, you can check if there is an existing non-expired token and if it's close to being expired, refresh it to extend their session. In other words, if a user is actively using your site, they can keep their "session" alive.

This release also introduces a new setting: JWT_AUTH_HEADER_PREFIX. This allows you to modify the Authorization header value prefix that is required to be sent together with the token. The default value is JWT. This decision was introduced in PR #4 to allow using both this package and OAuth2 in DRF.

Another common value used for tokens and Authorization headers is Bearer.

Thanks to everyone that helped make this release happen. You're awesome!