From 8b77f1b86bc43c75f41b0d6e61843c6609b75056 Mon Sep 17 00:00:00 2001
From: Michele
Date: Wed, 1 Apr 2026 17:36:27 +0200
Subject: [PATCH] feat(fase0): fix title, add change-password endpoint
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- index.html: title → "Leopost — Studio Editoriale AI"
- auth router: add POST /api/auth/change-password (local accounts only) validates current password, enforces min 8 chars, bcrypt update

Co-Authored-By: Claude Sonnet 4.6
---
 backend/app/routers/auth.py | 25 +++++++++++++++++++++++++
 frontend/index.html | 2 +-
 2 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/backend/app/routers/auth.py b/backend/app/routers/auth.py
index 178804b..f023f81 100644
--- a/backend/app/routers/auth.py
+++ b/backend/app/routers/auth.py
@@ -43,6 +43,11 @@ class RedeemCodeRequest(BaseModel):
 code: str
+class ChangePasswordRequest(BaseModel):
+ current_password: str
+ new_password: str
+
+
 def _user_response(user: User) -> dict:
 return {
 "id": user.id,
@@ -231,6 +236,26 @@ async def oauth_google_callback(code: str, state: Optional[str] = None, db: Sess
 return RedirectResponse(url=redirect_url)
+# === Change password ===
+
+@router.post("/change-password")
+def change_password(
+ request: ChangePasswordRequest,
+ db: Session = Depends(get_db),
+ current_user: User = Depends(get_current_user),
+):
+ """Change password for the current user (local accounts only)."""
+ if current_user.auth_provider != "local":
+ raise HTTPException(status_code=400, detail="Usa il provider di accesso originale per cambiare la password.")
+ if not verify_password(request.current_password, current_user.hashed_password):
+ raise HTTPException(status_code=400, detail="Password attuale non corretta.")
+ if len(request.new_password) < 8:
+ raise HTTPException(status_code=400, detail="La nuova password deve essere di almeno 8 caratteri.")
+ current_user.hashed_password = hash_password(request.new_password)
+ db.commit()
+ return {"message": "Password aggiornata con successo."}
+
+
 # === Subscription code redemption ===
 @router.post("/redeem")
diff --git a/frontend/index.html b/frontend/index.html
index 09ae092..d3c703b 100644
--- a/frontend/index.html
+++ b/frontend/index.html
@@ -3,7 +3,7 @@
- Leopost Full
+ Leopost — Studio Editoriale AI
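Review bot: In `change_password` (backend/app/routers/auth.py) the new hash is committed, but nothing visible in the hunk revokes sessions or tokens issued before the change, so a token obtained earlier would presumably stay valid after the user rotates the password. `get_current_user` and the token format are outside this hunk, so confirm whether an issued-at or token-version check already exists; if not, this handler is where that value should be bumped before `db.commit()`. Separately, `new_password` has a lower bound only: the commit message says the hash is bcrypt, which uses at most the first 72 bytes of input and, depending on the library behind `hash_password`, either truncates silently or raises. I would add `if len(request.new_password.encode("utf-8")) > 72:` with its own 400 response next to the existing length check.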