fix: Fixed password update endpoint

[johnson-oragui]

This fix currently fixes the error the endpoint change from /api/v1/users/me/password to /api/v1/auth/change-password. The fix also allows users that signed up with socials to be able to set a password.
​

Description

This fix currently fixes the error the endpoint change from /api/v1/users/me/password to /api/v1/auth/change-password. The fix also allows users that signed up with socials to be able to set a password.

Users that signed up via socials usually do not have passwords set up, meaning they would always have to login using their social accounts, the fix here enables them set a password for their account at convenience, that way, they can then be ale to login with a password and email if they wished. The fix also improved on the allowed special characters for password and the exception of using null character or empty white space or non-printable characters as password.

​

Related Issue (Link to issue ticket)

​

Motivation and Context

This fix solves the need for users to be able to change their password with a wider availability of password-usable characters, and also allows users that sign up for the platform via socials to be able to set up a password.
​

How Has This Been Tested?

​

Screenshots (if any)

(user using old password as new password)

user with no password who signed up with social entered values in old password)

user who signed up with social setting up password

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
  ​

Checklist:

• My code follows the code style of this project.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have read the CONTRIBUTING document.
• I have added tests to cover my changes.
• All new and existing tests passed.

Please let me know if there is any change i need to make. thank you.

[gitguardian]

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

Since your pull request originates from a forked repository, GitGuardian is not able to associate the secrets uncovered with secret incidents on your GitGuardian dashboard.
Skipping this check run and merging your pull request will create secret incidents on your GitGuardian dashboard.

🔎 Detected hardcoded secret in your pull request

GitGuardian id	GitGuardian status	Secret	Commit	Filename
13348450	Triggered	Generic Password	8a72b97	tests/v1/user/change_user_password_test.py	View secret

🛠 Guidelines to remediate hardcoded secrets

1. Understand the implications of revoking this secret by investigating where it is used in your code.
2. Replace and store your secret safely. Learn here the best practices.
3. Revoke and rotate this secret.
4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

• following these best practices for managing and storing secrets including API keys and other credentials
• install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.

---

^{🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.}