feat(fase0): fix title, add change-password endpoint

- index.html: title → "Leopost — Studio Editoriale AI" - auth router: add POST /api/auth/change-password (local accounts only) validates current password, enforces min 8 chars, bcrypt update Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-01 17:36:27 +02:00
parent 36bb4d2b75
commit 8b77f1b86b
2 changed files with 26 additions and 1 deletions
--- a/backend/app/routers/auth.py
+++ b/backend/app/routers/auth.py
@@ -43,6 +43,11 @@ class RedeemCodeRequest(BaseModel):
    code: str


+class ChangePasswordRequest(BaseModel):
+    current_password: str
+    new_password: str
+
+
 def _user_response(user: User) -> dict:
    return {
        "id": user.id,
@@ -231,6 +236,26 @@ async def oauth_google_callback(code: str, state: Optional[str] = None, db: Sess
    return RedirectResponse(url=redirect_url)


+# === Change password ===
+
+@router.post("/change-password")
+def change_password(
+    request: ChangePasswordRequest,
+    db: Session = Depends(get_db),
+    current_user: User = Depends(get_current_user),
+):
+    """Change password for the current user (local accounts only)."""
+    if current_user.auth_provider != "local":
+        raise HTTPException(status_code=400, detail="Usa il provider di accesso originale per cambiare la password.")
+    if not verify_password(request.current_password, current_user.hashed_password):
+        raise HTTPException(status_code=400, detail="Password attuale non corretta.")
+    if len(request.new_password) < 8:
+        raise HTTPException(status_code=400, detail="La nuova password deve essere di almeno 8 caratteri.")
+    current_user.hashed_password = hash_password(request.new_password)
+    db.commit()
+    return {"message": "Password aggiornata con successo."}
+
+
 # === Subscription code redemption ===

@router.post("/redeem")