Currently linaro_django_xmlrpc.models.AuthToken.secret is required to be unique on the full database. That's why this is impossible to have the same token for two users.

We should relax the constraints to:

• secret: not unique
• (description, user): unique together