From b13af4752fa3e5e7c08163902f32260a50f69ef7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20Freitag?= <mail@franek.fr>
Date: Tue, 20 Apr 2021 06:58:51 +0200
Subject: [PATCH] Refs #28017 -- Added test for PasswordResetTokenGenerator
 subclass with a custom secret.

---
 tests/auth_tests/test_tokens.py | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/tests/auth_tests/test_tokens.py b/tests/auth_tests/test_tokens.py
index 5b48eb9785d..af823b1114e 100644
--- a/tests/auth_tests/test_tokens.py
+++ b/tests/auth_tests/test_tokens.py
@@ -111,3 +111,23 @@ class TokenGeneratorTest(TestCase):
         # Tokens created with a different secret don't validate.
         self.assertIs(p0.check_token(user, tk1), False)
         self.assertIs(p1.check_token(user, tk0), False)
+
+    def test_token_with_different_secret_subclass(self):
+        class CustomPasswordResetTokenGenerator(PasswordResetTokenGenerator):
+            secret = 'test-secret'
+
+        user = User.objects.create_user('tokentestuser', 'test2@example.com', 'testpw')
+        custom_password_generator = CustomPasswordResetTokenGenerator()
+        tk_custom = custom_password_generator.make_token(user)
+        self.assertIs(custom_password_generator.check_token(user, tk_custom), True)
+
+        default_password_generator = PasswordResetTokenGenerator()
+        self.assertNotEqual(
+            custom_password_generator.secret,
+            default_password_generator.secret,
+        )
+        self.assertEqual(default_password_generator.secret, settings.SECRET_KEY)
+        # Tokens created with a different secret don't validate.
+        tk_default = default_password_generator.make_token(user)
+        self.assertIs(custom_password_generator.check_token(user, tk_default), False)
+        self.assertIs(default_password_generator.check_token(user, tk_custom), False)