# Password Update

div
strong
🔨 In Development
 — This section is still being developed and may change.


**PUT** `/v1/auth/password/update` - Update the authenticated user's password after verifying the current password. This endpoint requires the current password and enforces password strength requirements.

Updates the password for the authenticated user. Requires verification of the current password and confirmation of the new password. Password changes are logged for security auditing.

#### Request Body

**`current_password`** string required

Current password for verification. Must match the user's existing password.

**`new_password`** string required

New password. Must meet complexity requirements: minimum 8 characters, uppercase and lowercase letters, at least one number, and at least one special character.

**`confirm_password`** string required

Confirmation of the new password. Must match `new_password` exactly.

#### Headers

**`Authorization`** string required

Bearer token for authentication. Format: `Bearer <token>`

## Returns

A Password Update Response object containing confirmation of successful password update.

**`success`** boolean

Indicates if the password was updated successfully. Always `true` for successful updates.

**`message`** string

Success message confirming the password update.

Update Password

```bash
curl -X PUT https://api.freddy.aitronos.com/v1/auth/password/update \
-H "Authorization: Bearer $FREDDY_API_KEY" \
-H "Content-Type: application/json" \
-d '{
  "current_password": "CurrentPassword123!",
  "new_password": "NewSecurePassword456!",
  "confirm_password": "NewSecurePassword456!"
}'
```


```python
import requests

response = requests.put(
  "https://api.freddy.aitronos.com/v1/auth/password/update",
  headers={
  "Authorization": f"Bearer {access_token}",
  "Content-Type": "application/json"
  },
  json={
      "current_password": "CurrentPassword123!",
      "new_password": "NewSecurePassword456!",
      "confirm_password": "NewSecurePassword456!"
}
)

result = response.json()
if result["success"]:
  print("Password updated successfully!")
else:
  print(f"Password update failed: {result.get('detail', 'Unknown error')}")
```


```javascript
const response = await fetch('https://api.freddy.aitronos.com/v1/auth/password/update', {
method: 'PUT',
headers: {
  'Authorization': `Bearer ${localStorage.getItem('accessToken')}`,
  'Content-Type': 'application/json'
},
body: JSON.stringify({
  current_password: 'CurrentPassword123!',
  new_password: 'NewSecurePassword456!',
  confirm_password: 'NewSecurePassword456!'
})
});

const result = await response.json();
if (result.success) {
console.log('Password updated successfully!');
// Optionally redirect to login or show success message
} else {
console.error('Password update failed:', result.detail);
}
```

Password Update with Validation

```python
import requests
import re

class PasswordManager:
  def __init__(self, base_url: str = "https://api.freddy.aitronos.com/v1"):
      self.base_url = base_url

  def validate_password(self, password: str) -> tuple[bool, str]:
      """Validate password meets requirements"""
      if len(password) < 8:
          return False, "Password must be at least 8 characters"
      if not re.search(r'[A-Z]', password):
          return False, "Password must contain uppercase letters"
      if not re.search(r'[a-z]', password):
          return False, "Password must contain lowercase letters"
      if not re.search(r'[0-9]', password):
          return False, "Password must contain numbers"
      if not re.search(r'[^A-Za-z0-9]', password):
          return False, "Password must contain special characters"
      return True, "Password is valid"

  def update_password(self, access_token: str, current_password: str, new_password: str, confirm_password: str) -> dict:
      """Update password with validation"""
      # Validate passwords match
      if new_password != confirm_password:
          raise ValueError("Passwords do not match")

      # Validate password strength
      is_valid, message = self.validate_password(new_password)
      if not is_valid:
          raise ValueError(message)

      # Update password
      response = requests.put(
          f"{self.base_url}/auth/password/update",
          headers={
              "Authorization": f"Bearer {access_token}",
              "Content-Type": "application/json"
          },
          json={
              "current_password": current_password,
              "new_password": new_password,
              "confirm_password": confirm_password
          }
      )

      if response.status_code == 200:
          return response.json()
      else:
          error = response.json()
          raise ValueError(error.get("detail", "Password update failed"))

# Usage
manager = PasswordManager()
try:
  result = manager.update_password(
      access_token="your_token_here",
      current_password="CurrentPassword123!",
      new_password="NewSecurePassword456!",
      confirm_password="NewSecurePassword456!"
  )
  print("Password updated successfully!")
except ValueError as e:
  print(f"Error: {e}")
```


```javascript
class PasswordManager {
validatePassword(password) {
  const errors = [];
  if (password.length < 8) errors.push('Password must be at least 8 characters');
  if (!/[A-Z]/.test(password)) errors.push('Password must contain uppercase letters');
  if (!/[a-z]/.test(password)) errors.push('Password must contain lowercase letters');
  if (!/[0-9]/.test(password)) errors.push('Password must contain numbers');
  if (!/[^A-Za-z0-9]/.test(password)) errors.push('Password must contain special characters');
  return { valid: errors.length === 0, errors };
}

async updatePassword(accessToken, currentPassword, newPassword, confirmPassword) {
  // Validate passwords match
  if (newPassword !== confirmPassword) {
    throw new Error('Passwords do not match');
  }

  // Validate password strength
  const validation = this.validatePassword(newPassword);
  if (!validation.valid) {
    throw new Error(validation.errors.join(', '));
  }

  // Update password
  const response = await fetch('https://api.freddy.aitronos.com/v1/auth/password/update', {
    method: 'PUT',
    headers: {
      'Authorization': `Bearer ${accessToken}`,
      'Content-Type': 'application/json'
    },
    body: JSON.stringify({
      current_password: currentPassword,
      new_password: newPassword,
      confirm_password: confirmPassword
    })
  });

  if (response.ok) {
    return await response.json();
  } else {
    const error = await response.json();
    throw new Error(error.detail || 'Password update failed');
  }
}
}

// Usage
const manager = new PasswordManager();
try {
const result = await manager.updatePassword(
  localStorage.getItem('accessToken'),
  'CurrentPassword123!',
  'NewSecurePassword456!',
  'NewSecurePassword456!'
);
console.log('Password updated successfully!');
} catch (error) {
console.error('Error:', error.message);
}
```

Response examples

```json
{
"success": true,
"message": "Password updated successfully"
}
```


```json
{
"detail": "Passwords do not match"
}
```


```json
{
"detail": "Current password is incorrect"
}
```


```json
{
"detail": "Password too weak. Must contain uppercase, lowercase, numbers, and special characters."
}
```


```json
{
"detail": "Authentication required"
}
```