Add SessionAuthenticationMiddleware if available.

This was added in Django 1.7 in order to invalidate sessions on password
change.

project/settings.py

@@ -165,7 +165,7 @@
 # similar ETag code in CommonMiddleware.
 USE_ETAGS = False
 
-MIDDLEWARE_CLASSES = (
+MIDDLEWARE_CLASSES = [
     'mapit.middleware.gzip.GZipMiddleware',
     # Not 'django.middleware.gzip.GZipMiddleware' to work around Django #24242
     'django.middleware.http.ConditionalGetMiddleware',
@@ -177,7 +177,9 @@
     'django.middleware.cache.FetchFromCacheMiddleware',
     'mapit.middleware.JSONPMiddleware',
     'mapit.middleware.ViewExceptionMiddleware',
-)
+]
+if django.get_version() >= '1.7':
+    MIDDLEWARE_CLASSES.append('django.contrib.auth.middleware.SessionAuthenticationMiddleware')
 
 ROOT_URLCONF = 'project.urls'