• Fix JWT token parsing and generation.

• Clear auth cookie correctly on logout.
• Workaround a deprecation warning in JWT library.

• Update to work with latest Nymph API.

• Fix an issue with CORS requests (using an auth header with no XSRF token).

• Provide blank Tilmeld auth header on logout.
• Change Nymph Server requirement.

• Added patch filter for a tilmeld/admin adding system/admin.

• Updated setup app for new Nymph Client.
• Tighter controls on what Tilmeld admins can do.

This version requires Nymph Client 5.

• Make the setup app more self contained, in case the vendor dir is not accessible on the server.

• Added ability to skip XSRF token check manually.