refactor: Inline password hash comparison in serializers

mahdirahimi1999 · mahdirahimi1999 · commit 7d2d28a9d173 · 2025-08-18T11:31:25.000+03:30
Simplifies the conditional check by removing temporary variables for the token hash and user password hash.
diff --git a/rest_framework_simplejwt/serializers.py b/rest_framework_simplejwt/serializers.py
@@ -131,10 +131,7 @@ def validate(self, attrs: dict[str, Any]) -> dict[str, str]:
                 )
 
             if api_settings.CHECK_REVOKE_TOKEN:
-                token_hash = refresh.payload.get(api_settings.REVOKE_TOKEN_CLAIM)
-                user_hash = get_md5_hash_password(user.password)
-
-                if token_hash != user_hash:
+                if refresh.payload.get(api_settings.REVOKE_TOKEN_CLAIM) != get_md5_hash_password(user.password):
                     # If the password has changed, we blacklist the token
                     # to prevent any further use.
                     if (
@@ -201,10 +198,7 @@ def validate(self, attrs: dict[str, Any]) -> dict[str, str]:
                 )
 
             if api_settings.CHECK_REVOKE_TOKEN:
-                token_hash = token.payload.get(api_settings.REVOKE_TOKEN_CLAIM)
-                user_hash = get_md5_hash_password(user.password)
-
-                if token_hash != user_hash:
+                if token.payload.get(api_settings.REVOKE_TOKEN_CLAIM) != get_md5_hash_password(user.password):
                     # If the password has changed, we blacklist the token
                     # to prevent any further use.
                     if (
