JwtRedirectToLoginIfUnauthenticatedMiddleware does not support "composed" DRF permissions

[pwnage101]

JwtRedirectToLoginIfUnauthenticatedMiddleware crashes when attempting to introspect a VIewSet to determine if it contains a specific permission class. This middleware was authored before DRF permission composition existed, so it assumes the permission_classes property always points to an iterable of classes. That is no longer a safe assumption.

Here's a proposed fix that has been tested locally, but it still needs unit tests written: #528