Skip to content

feat: add PATCH /auth/change-password endpoint#94

Open
rubenxyz wants to merge 2 commits into
Techiebutler:mainfrom
rubenxyz:feature/change-password
Open

feat: add PATCH /auth/change-password endpoint#94
rubenxyz wants to merge 2 commits into
Techiebutler:mainfrom
rubenxyz:feature/change-password

Conversation

@rubenxyz

@rubenxyz rubenxyz commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

What this adds

PATCH /auth/change-password endpoint so authenticated users can change their own password. The frontend was already coded to call this endpoint but it did not exist.

Changes

  1. schemas/auth.py — Adds ChangePasswordRequest schema with current_password and new_password fields.

  2. routers/auth.py — Adds PATCH /auth/change-password endpoint. Validates the current password, then hashes and stores the new one. Returns an error if the current password is incorrect.

Files changed

  • apps/api/schemas/auth.py — +4 lines
  • apps/api/routers/auth.py — +15 lines

Adds ChangePasswordRequest schema and PATCH /auth/change-password
endpoint that allows authenticated users to change their password
by providing current_password and new_password.
@ravirajsinh45

Copy link
Copy Markdown
Contributor

Hi @rubenxyz — thanks for adding this! An adversarial code review flagged one edge case worth handling before merge (verified against the branch head):

🟡 Medium — HTTP 500 for password-less (magic-code) users. A user who signed in via the magic-code flow and never called /auth/set-password has password_hash = None but is fully authenticated. When they submit the change-password form, change_password calls verify_password(body.current_password, None)None.encode('utf-8') raises AttributeError, which isn't caught by the surrounding except ValueError, so FastAPI returns 500 (opaque server error) instead of a clean 4xx. The existing /auth/login endpoint already guards this exact case with or not user.password_hash.

Suggested fix: guard before verifying — if current_user.password_hash is None: raise HTTPException(status_code=400, detail="No password set for this account; use set-password instead").

@ravirajsinh45 ravirajsinh45 left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Requesting changes: change_password returns HTTP 500 for magic-code users who never set a password (verify_password(current, None) → uncaught AttributeError). A password_hash is None guard (as /auth/login already does) resolves it. Details in the review comment above.

Magic-code users who never set a password have password_hash=None.
verify_password(current, None) raises an uncaught AttributeError,
resulting in HTTP 500. Add a null guard that returns 400 with a
clear message directing users to /set-password.

Reported-by: ravirajsinh45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants