Django-switchuser

* Fix bug causing su_state to always appear to be active.

* Don't cache the old or active user to guarantee that SuState.auth_user
and SuState.active_user are always valid, even if ``request.user``
or ``request.session["su_auth_user_id"]`` changes. This also lazy-loads
SuState.old_user, which will improve performance for requests where it
isn't used.
* The internal API has been changed, hence the minor version bump. There
is no change to the external API.

* Use AnonymousUser for SuState.auth_user instead of crashing if
request.user is not set.
* Fix Django 1.10 compatibility (thanks mokutsu;
https://github.com/wolever/django-switchuser/pull/6)

* Lazy load su_state so it can safely be listed first in
MIDDLEWARE_CLASSES

* Allow custom user models and add Django 1.9 compatibility (thanks
garyayo; https://github.com/wolever/django-switchuser/pull/5)