From: Stephen Finucane <stephen@that.guru>
Date: Thu, 18 May 2017 20:17:35 +0000 (+0100)
Subject: settings: Enable 'SessionAuthenticationMiddleware'
X-Git-Tag: v2.0.0-rc2~21
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8331a20e3a68fa4b42b91417533ae1a60d62ca02;p=thirdparty%2Fpatchwork.git

settings: Enable 'SessionAuthenticationMiddleware'

This raises warnings for Django 1.8 and is mandatory in Django 1.10. It
provides a helpful feature, invalidating a user's session when their
password is changed, and can/should be enabled.

This resolves all issues with Django 1.8.

Signed-off-by: Stephen Finucane <stephen@that.guru>
---

diff --git a/patchwork/settings/base.py b/patchwork/settings/base.py
index 5f6aebee..d82c41d4 100644
--- a/patchwork/settings/base.py
+++ b/patchwork/settings/base.py
@@ -35,10 +35,16 @@ MIDDLEWARE_CLASSES = [
 ]
 
 if django.VERSION >= (1, 7):
-    MIDDLEWARE_CLASSES.append(
-        'django.contrib.admindocs.middleware.XViewMiddleware')
+    MIDDLEWARE_CLASSES += [
+        'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
+    ]
+
+if django.VERSION >= (1, 7):
+    MIDDLEWARE_CLASSES += [
+        'django.contrib.admindocs.middleware.XViewMiddleware'
+    ]
 else:
-    MIDDLEWARE_CLASSES.append('django.middleware.doc.XViewMiddleware')
+    MIDDLEWARE_CLASSES += ['django.middleware.doc.XViewMiddleware']
 
 TIME_ZONE = 'Australia/Canberra'