The SessionAuthenticationMiddleware class is removed. It provided no functionality since session authentication is unconditionally enabled in Django 1.10.
The on_delete argument for ForeignKey and OneToOneField is now required in models and migrations. Consider squashing migrations so that you have fewer of them to update.
Using User.is_authenticated() and User.is_anonymous() as methods rather than properties is no longer supported.
This PR fixes some deprecations/changes that Django 2 introduced. If this PR is merged, it should be possible to use the Datacube UI with Django 2.
The following points of the Django 2 changelog had to be addressed: