Task/262/user password change ability/ implement backend

[InnetaSh]

dev

JIRA

• Main JIRA ticket

Code reviewers

• @github_username

Second Level Review

• @github_username

Summary of issue

Users currently lack a backend implementation for password updates, preventing the front-end interface from successfully processing password change requests.

Summary of change

Implemented the backend logic for secure password modification.

DTO: Created ChangePasswordDto for transporting current and new passwords.

MediatR: Added ChangePasswordCommand and ChangePasswordHandler to handle the password update process.

Validation: Implemented ChangePasswordCommandValidator using FluentValidation with robust rules (password strength, confirmation matching, etc.).

Controller: Exposed a new endpoint in the UsersController to receive password change requests.

Logic: Integrated UserManager.ChangePasswordAsync to ensure secure password hashing and identity management.

Testing approach

Unit Testing:

Created ChangePasswordCommandValidatorTests to verify validation rules (password length, mismatch confirmation, etc.).

Created ChangePasswordHandlerTests using Moq to verify successful password update flow and error handling (user not found, incorrect password).

Manual/Integration Verification:

Verified that the endpoint correctly processes valid requests and returns appropriate errors for invalid current password or validation failures.

CHECK LIST

• СI passed
• Сode coverage >=95%
• PR is reviewed manually again (to make sure you have 100% ready code)
• All reviewers agreed to merge the PR
• I've checked new feature as logged in and logged out user if needed
• PR meets all conventions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
84.4% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud