add user update password api

2025-09-17 14:59:16 +05:00
parent 372a0273ea
commit 14f87df060
3 changed files with 37 additions and 2 deletions
--- a/core/apps/accounts/serializers/user.py
+++ b/core/apps/accounts/serializers/user.py
@@ -81,3 +81,17 @@ class UserListSerializer(serializers.ModelSerializer):
                'role': obj.role.name,
            }
        return None
+    
+
+class UserUpdatePasswordSerializer(serializers.Serializer):
+    current_password = serializers.CharField()
+    new_password = serializers.CharField()
+    confirm_new_password = serializers.CharField()
+
+    def validate(self, data):
+        user = self.context.get('user')
+        if not user.check_password(data['current_password']):
+            raise serializers.ValidationError("Password incorrect")
+        if data['new_password'] != data['confirm_new_password']:
+            raise serializers.ValidationError("Ikkita parol bir xil bolishi kerak")
+        return data
--- a/core/apps/accounts/urls.py
+++ b/core/apps/accounts/urls.py
@@ -21,6 +21,7 @@ urlpatterns = [
            path('list/', user_views.UserListApiView.as_view()),
            path('<uuid:id>/', user_views.UserUpdateApiView.as_view()),
            path('permissions/', user_views.UserPermissionListApiView.as_view()),
+            path('update_password/', user_views.UpdateUserPasswordApiView.as_view()),
        ]
    )),
    path('role/', include(
--- a/core/apps/accounts/views/user.py
+++ b/core/apps/accounts/views/user.py
@@ -110,3 +110,23 @@ class UserPermissionListApiView(generics.GenericAPIView):
            {'success': True, 'permissions': serializer.data},
            status=200
        )
+
+
+class UpdateUserPasswordApiView(generics.GenericAPIView):
+    serializer_class = serializers.UserUpdatePasswordSerializer
+    queryset = User.objects.all()
+    permission_classes = [HasRolePermission]
+
+    def patch(self, request):
+        user = request.user
+        serializer = self.serializer_class(data=request.data, context={'user': user})
+        if serializer.is_valid():
+            new_password = serializer.validated_data.get('new_password')
+            user.set_password(new_password)
+            user.save()
+            return Response({
+                'success': True, 'message': 'Foydalanuvchi paroli ozgartirildi',
+            }, status=200)
+        return Response({
+            'success': False, 'error': serializer.errors
+        }, status=400)