Django session for setup expired User was logged in to log out, this problem hasbeen asked with someone in stackoverflow, and this is a good answer of it http://stackoverflow.com/a/14831237/3445802:

That answer Update for Django 1.6, and now we worked with django 1.8.7, but it still works.

1. Add this for Handle session, in your settings.py

Handle session is not Json Serializable

SESSION_SERIALIZER = ‘django.contrib.sessions.serializers.PickleSerializer’

2. Create middleware.py in your path of app, for example tree of directory like this:

___project/
______/app/
_________/models.py
_________/admin.py
_________/middleware.py

And put this script in your file of middleware.py:

from datetime import datetime, timedelta
from django.conf import settings
from django.contrib import auth

class AutoLogout:
    def process_request(self, request):
        if not request.user.is_authenticated() :
            #Can't log out if not logged in
            return

        try:
            if datetime.now() - request.session['last_touch'] > timedelta( 0, settings.AUTO_LOGOUT_DELAY * 60, 0):
                auth.logout(request)
                del request.session['last_touch']
                return
        except KeyError: pass
        request.session['last_touch'] = datetime.now()

3. And then back again in your settings.py, and update your middleware:

MIDDLEWARE_CLASSES = [
    .........................

    'app.middleware.AutoLogout', 
]

# Auto logout delay in minutes
AUTO_LOGOUT_DELAY = 5 #equivalent to 5 minutes

That is automatically force logout for somebody was loggin for every 5 minuts if user not touch anything, or whatever you need to setup time it. Hopefully can help..

Refference: http://stackoverflow.com/a/14831237/3445802