🚀 Need a ready-to-deploy version?
Includes Docker, setup guide, sample responses, and full API structure.
A secure and modular Flask API endpoint to change user passwords via JWT authentication. Checks the old password and saves the new one after hashing.
- 🧠 Authenticated password change via JWT
- 🔐 Validates
old_password, storesnew_passwordsecurely - 🧾 Uses bcrypt for password hashing
- 🚫 Handles missing token, bad credentials, and generic exceptions
- 🧱 SQLite + Flask-SQLAlchemy integration
- 🐳 Docker-ready
POST /change-password
Headers:
Authorization: Bearer <your.jwt.token>
Request Body:
{
"old_password": "currentpassword",
"new_password": "newsecurepassword"
}Success Response:
{
"message": "Password updated"
}{ "error": "Authorization token missing or invalid" }
{ "error": "Unprocessable token or malformed request" }
{ "error": "Old password is incorrect" }pip install -r requirements.txt- Flask
- Flask-JWT-Extended
- Flask-SQLAlchemy
- Flask-Bcrypt
python app.pyOr via Docker:
docker build -t secure-password-update-api .
docker run -p 5000:5000 secure-password-update-api- ✅ Valid password update
⚠️ Wrong old password- 🛑 Missing or expired JWT
Screenshots saved in
/screens
Includes full JWT protection, bcrypt hashing, and Docker setup:
- Email: talabov.ali72@gmail.com
- Telegram: @talabovali
Need this in another language/stack (Node.js, Go, etc)?
Custom dev available — just reach out.