That's why I wanted to make this process transparent to the user. I created a library, "django-rotate-secret-key", which helps you rotate your secret key and still accept sessions with the old key for a limited amount of time, and I explained how to use it in this Medium post.
Obviously this is not something you want if your key is compromised, but if you want to rotate just as a best security practice, this library is for you!
What I love about this library is that once you pass that window where you accept both keys, you can delete/revert everything, so there is no residue with this solution! Not a single line of code you need to maintain in the future.
Feedback welcome, thank you very much!
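
The grace-window idea described in the post, sketched with the Python standard library as an added example. This is not code from django-rotate-secret-key or from Django; the class name, keys, token format and timestamps are all constructed for illustration.

```python
import hashlib
import hmac
import time


class RotatingSigner:
    """Signs with the current key; accepts the old key only until a deadline."""

    def __init__(self, current_key, old_key=None, old_key_expires_at=0.0):
        self.current_key = current_key
        self.old_key = old_key
        self.old_key_expires_at = old_key_expires_at  # Unix timestamp

    @staticmethod
    def _mac(key, value):
        return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()

    def sign(self, value):
        # New signatures are always produced with the current key.
        return f"{value}:{self._mac(self.current_key, value)}"

    def unsign(self, token, now=None):
        """Return the signed value if the signature verifies, else None."""
        now = time.time() if now is None else now
        value, sep, mac = token.rpartition(":")
        if not sep:
            return None
        keys = [self.current_key]
        # The old key is tried only while the grace window is open.
        if self.old_key is not None and now < self.old_key_expires_at:
            keys.append(self.old_key)
        for key in keys:
            expected = self._mac(key, value)
            if hmac.compare_digest(mac.encode(), expected.encode()):
                return value
        return None


def demo():
    old, new = b"constructed-old-key", b"constructed-new-key"
    session = RotatingSigner(old).sign("session=abc123")  # issued before rotation
    rotated = RotatingSigner(new, old_key=old, old_key_expires_at=1000.0)
    return {
        "inside_window": rotated.unsign(session, now=999.0),
        "after_window": rotated.unsign(session, now=1000.0),
        "new_token": rotated.unsign(rotated.sign("session=xyz"), now=2000.0),
        "tampered": rotated.unsign(session.replace("abc123", "admin"), now=999.0),
    }
```

For a compromised key, the case the post excludes, the equivalent here is constructing the signer with no `old_key`, so tokens signed with the old key stop verifying immediately.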