Fixed #34384 -- Fixed session validation when rotation secret keys.

Bug in 0dcd549bbe36c060f536ec270d34d9e7d4b8e6c7. Thanks Eric Zarowny for the report.
author: David Wobrock <david.wobrock@gmail.com> 2023-03-06 16:18:03 +0100
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2023-03-08 10:48:04 +0100
commit: 2396933ca99c6bfb53bda9e53968760316646e01 (patch)
tree: 4e28cc9bf22bed440c3d42b0c1f6cb615aec849e /docs/topics
parent: 9b224579875e30203d079cc2fee83b116d98eb78 (diff)
download: django-2396933ca99c6bfb53bda9e53968760316646e01.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/docs/topics/auth/customizing.txt b/docs/topics/auth/customizing.txt
index 3b688c8b5c..6cc48cacb1 100644
--- a/docs/topics/auth/customizing.txt
+++ b/docs/topics/auth/customizing.txt
@@ -722,6 +722,13 @@ The following attributes and methods are available on any subclass of
         Returns an HMAC of the password field. Used for
         :ref:`session-invalidation-on-password-change`.
 
+    .. method:: models.AbstractBaseUser.get_session_auth_fallback_hash()
+
+        .. versionadded:: 4.1.8
+
+        Yields the HMAC of the password field using
+        :setting:`SECRET_KEY_FALLBACKS`. Used by ``get_user()``.
+
 :class:`~models.AbstractUser` subclasses :class:`~models.AbstractBaseUser`:
 
 .. class:: models.AbstractUser
author	David Wobrock <david.wobrock@gmail.com>	2023-03-06 16:18:03 +0100
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2023-03-08 10:48:04 +0100
commit	2396933ca99c6bfb53bda9e53968760316646e01 (patch)
tree	4e28cc9bf22bed440c3d42b0c1f6cb615aec849e /docs/topics
parent	9b224579875e30203d079cc2fee83b116d98eb78 (diff)
download	django-2396933ca99c6bfb53bda9e53968760316646e01.tar.gz