From dcb61a44ee4e86b2870786875193a306e07e87f9 Mon Sep 17 00:00:00 2001
From: Christian Bundy <christian@truework.com>
Date: Wed, 22 Mar 2023 11:02:54 -0700
Subject: [PATCH] Fix SECRET_KEY and add SECRET_KEY_FALLBACKS

---
 django-stubs/conf/global_settings.pyi | 6 +++++-
 django-stubs/contrib/auth/tokens.pyi  | 3 ++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/django-stubs/conf/global_settings.pyi b/django-stubs/conf/global_settings.pyi
index 151253574..ff1db1b6a 100644
--- a/django-stubs/conf/global_settings.pyi
+++ b/django-stubs/conf/global_settings.pyi
@@ -168,7 +168,11 @@ IGNORABLE_404_URLS: list[Pattern[str]]
 # A secret key for this particular Django installation. Used in secret-key
 # hashing algorithms. Set this in your settings, or Django will complain
 # loudly.
-SECRET_KEY: str
+SECRET_KEY: str | bytes
+
+# A list of fallback secret keys for a particular Django installation. These
+# are used to allow rotation of the SECRET_KEY.
+SECRET_KEY_FALLBACKS: list[str | bytes]
 
 # Default file storage mechanism that holds media.
 DEFAULT_FILE_STORAGE: str
diff --git a/django-stubs/contrib/auth/tokens.pyi b/django-stubs/contrib/auth/tokens.pyi
index c0c8d830f..01eece248 100644
--- a/django-stubs/contrib/auth/tokens.pyi
+++ b/django-stubs/contrib/auth/tokens.pyi
@@ -5,7 +5,8 @@ from django.contrib.auth.base_user import AbstractBaseUser
 
 class PasswordResetTokenGenerator:
     key_salt: str
-    secret: Any
+    secret: str | bytes
+    secret_fallbacks: list[str | bytes]
     algorithm: str
     def make_token(self, user: AbstractBaseUser) -> str: ...
     def check_token(self, user: AbstractBaseUser | None, token: str | None) -> bool: ...