settings: Enable 'SessionAuthenticationMiddleware'

This raises warnings for Django 1.8 and is mandatory in Django 1.10. It
provides a helpful feature, invalidating a user's session when their
password is changed, and can/should be enabled.

This resolves all issues with Django 1.8.

Signed-off-by: Stephen Finucane <stephen@that.guru>

diff --git a/patchwork/settings/base.py b/patchwork/settings/base.py
index 5f6aebeed0371c05fd9dbbf4877980038da83b8a..d82c41d4212a39f4999781aa19c0adf0f1f74a17 100644 (file)
--- a/patchwork/settings/base.py
+++ b/patchwork/settings/base.py
@@ -35,10 +35,16 @@ MIDDLEWARE_CLASSES = [
 ]
 
 if django.VERSION >= (1, 7):
-    MIDDLEWARE_CLASSES.append(
-        'django.contrib.admindocs.middleware.XViewMiddleware')
+    MIDDLEWARE_CLASSES += [
+        'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
+    ]
+
+if django.VERSION >= (1, 7):
+    MIDDLEWARE_CLASSES += [
+        'django.contrib.admindocs.middleware.XViewMiddleware'
+    ]
 else:
-    MIDDLEWARE_CLASSES.append('django.middleware.doc.XViewMiddleware')
+    MIDDLEWARE_CLASSES += ['django.middleware.doc.XViewMiddleware']
 
 TIME_ZONE = 'Australia/Canberra'