new features

cpv3/modules/users/service.py

@@ -4,7 +4,7 @@ import uuid
 
 from sqlalchemy.ext.asyncio import AsyncSession
 
-from cpv3.infrastructure.security import verify_password
+from cpv3.infrastructure.security import hash_password, verify_password
 from cpv3.modules.users.models import User
 from cpv3.modules.users.repository import UserRepository
 from cpv3.modules.users.schemas import UserCreate, UserRegister, UserUpdate
@@ -40,6 +40,12 @@ class UserService:
     async def deactivate_user(self, user: User) -> None:
         await self._repo.deactivate(user)
 
+    async def change_password(self, user: User, current_password: str, new_password: str) -> None:
+        if not verify_password(current_password, user.password_hash):
+            raise ValueError("Current password is incorrect")
+        new_hash = hash_password(new_password)
+        await self._repo.update_password(user, new_hash)
+
     async def authenticate(self, username: str, password: str) -> User | None:
         user = await self._repo.get_by_username(username)
         if user is None:
@@ -87,6 +93,13 @@ async def deactivate_user(session: AsyncSession, user: User) -> None:
     await service.deactivate_user(user)
 
 
+async def change_password(
+    session: AsyncSession, user: User, current_password: str, new_password: str
+) -> None:
+    service = UserService(session)
+    await service.change_password(user, current_password, new_password)
+
+
 async def authenticate(session: AsyncSession, username: str, password: str) -> User | None:
     service = UserService(session)
     return await service.authenticate(username, password)