524e229245
This is slightly more complicated than it should be since we're using custom authentication middleware (i.e., not Django's standard middleware class). We have to check that the session auth hash we have stored is equal to the request's session auth hash (since the stored hash is a function of the password). Normally this gets handled in `django.contrib.auth.get_user`, but due to our caching we don't go through that function, even in the cache miss case. ECOM-4288
django-cache-toolbox ============================ Documentation: http://code.playfire.com/django-cache-toolbox/