Added endpoint for updating user's password.

gymboard-api/src/main/java/nl/andrewlalis/gymboard_api/domains/auth/controller/AuthController.java

@@ -79,12 +79,36 @@ public class AuthController {
 		return new UserResponse(user);
 	}
 
+	/**
+	 * Endpoint for updating one's own password.
+	 * @param user The user that's updating their password.
+	 * @param payload The payload with the new password.
+	 * @return An empty 200 OK response.
+	 */
+	@PostMapping(path = "/auth/me/password")
+	public ResponseEntity<Void> updateMyPassword(@AuthenticationPrincipal User user, @RequestBody PasswordUpdatePayload payload) {
+		userService.updatePassword(user.getId(), payload);
+		return ResponseEntity.ok().build();
+	}
+
+	/**
+	 * <strong>Public endpoint</strong> for requesting a reset code to be sent
+	 * to an account with the given email address.
+	 * @param email The email address.
+	 * @return An empty 200 OK response.
+	 */
 	@GetMapping(path = "/auth/reset-password")
 	public ResponseEntity<Void> generatePasswordResetCode(@RequestParam String email) {
 		userService.generatePasswordResetCode(email);
 		return ResponseEntity.ok().build();
 	}
 
+	/**
+	 * <strong>Public endpoint</strong> for resetting one's password using a
+	 * reset code obtained from an email.
+	 * @param payload The payload containing the code and new password.
+	 * @return An empty 200 OK response.
+	 */
 	@PostMapping(path = "/auth/reset-password")
 	public ResponseEntity<Void> resetPassword(@RequestBody PasswordResetPayload payload) {
 		userService.resetUserPassword(payload);

gymboard-api/src/main/java/nl/andrewlalis/gymboard_api/domains/auth/dto/PasswordUpdatePayload.java

@@ -0,0 +1,3 @@
+package nl.andrewlalis.gymboard_api.domains.auth.dto;
+
+public record PasswordUpdatePayload(String newPassword) {}

gymboard-api/src/main/java/nl/andrewlalis/gymboard_api/domains/auth/service/UserService.java

@@ -3,10 +3,7 @@ package nl.andrewlalis.gymboard_api.domains.auth.service;
 import jakarta.mail.MessagingException;
 import jakarta.mail.internet.MimeMessage;
 import nl.andrewlalis.gymboard_api.domains.auth.dao.PasswordResetCodeRepository;
-import nl.andrewlalis.gymboard_api.domains.auth.dto.PasswordResetPayload;
-import nl.andrewlalis.gymboard_api.domains.auth.dto.UserActivationPayload;
-import nl.andrewlalis.gymboard_api.domains.auth.dto.UserCreationPayload;
-import nl.andrewlalis.gymboard_api.domains.auth.dto.UserResponse;
+import nl.andrewlalis.gymboard_api.domains.auth.dto.*;
 import nl.andrewlalis.gymboard_api.domains.auth.dao.UserActivationCodeRepository;
 import nl.andrewlalis.gymboard_api.domains.auth.dao.UserRepository;
 import nl.andrewlalis.gymboard_api.domains.auth.model.PasswordResetCode;
@@ -192,7 +189,20 @@ public class UserService {
 
 		// TODO: Validate password.
 
-		code.getUser().setPasswordHash(passwordEncoder.encode(payload.newPassword()));
+		User user = code.getUser();
+		user.setPasswordHash(passwordEncoder.encode(payload.newPassword()));
+		userRepository.save(user);
 		passwordResetCodeRepository.delete(code);
 	}
+
+	@Transactional
+	public void updatePassword(String id, PasswordUpdatePayload payload) {
+		User user = userRepository.findById(id)
+				.orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+
+		// TODO: Validate password.
+
+		user.setPasswordHash(passwordEncoder.encode(payload.newPassword()));
+		userRepository.save(user);
+	}
 }