v2.6.7
Emergency security release
- [fix] uses a cryptographically secure source of randomness
- [fix] Use hmac_sha512 instead of md5 for cookie hashing. Don't store the key in token anymore (#80)
- [fix] don't include ip in token
- Quick fix for CDA security issue
Thanks to @sidddy @Psycojoker for their work