feat: add change password functionality for students

2025-11-04 14:04:59 +01:00
parent a922beed04
commit 21d54a9dd7
2 changed files with 20 additions and 1 deletions
--- a/backend/app/Http/Controllers/Auth/RegisteredUserController.php
+++ b/backend/app/Http/Controllers/Auth/RegisteredUserController.php
@@ -126,4 +126,22 @@ class RegisteredUserController extends Controller

        return response()->noContent();
    }
+
+    public function change_password(Request $request)
+    {
+        $user = auth()->user();
+
+        if ($user->role !== 'STUDENT') {
+            return response()->json(['message' => 'Only students...'], 403);
+        }
+
+        $request->validate([
+            'password' => ['required', 'string', 'min:8', 'confirmed'],
+        ]);
+
+        $user->password = Hash::make($request->password);
+        $user->save();
+
+        return response()->json(['message' => 'Password successfully changed.']);
+    }
 }
--- a/backend/routes/api.php
+++ b/backend/routes/api.php
@@ -23,11 +23,12 @@ Route::middleware(['auth:sanctum'])->get('/user', function (Request $request) {
 });

 Route::middleware(['auth:sanctum'])->prefix('/students')->group(function () {
+    Route::post('/change-password', [RegisteredUserController::class, 'change_password']);
    Route::get('/', [StudentDataController::class, 'all']);
    Route::get('/{id}', [StudentDataController::class, 'get']);
    Route::post('/{id}', [StudentDataController::class, 'update_all']);
    Route::delete('/{id}', [StudentDataController::class, 'delete']);
-    Route::post('/students/change-password', [StudentDataController::class, 'change_password']);
+
 });

 Route::post('/password-reset', [RegisteredUserController::class, 'reset_password'])