PUT `/auth/me/password`

验证旧密码后设置新密码，修改成功后自动撤销所有会话以确保账户安全。参考：NIST SP 800-63B §5.1.1.2、OWASP ASVS V2.1。

身份认证 `bearerAuth` application/json

Request Body

Schema: dto.HTTPChangePasswordRequest

Field	Type	Required	Example	Constraints	Description
`new_password`	`string`	Yes		length: 8–?	New password
`old_password`	`string`	No			Old password (optional for admin reset)

Responses

Status	Description	Schema
200	密码修改成功，所有会话已撤销	`dto.ChangePasswordResponse`
400	请求参数无效或旧密码验证失败	`gitee_com_linmes_authms_base_dto.SimpleResponse`
401	未认证或令牌无效	`gitee_com_linmes_authms_base_dto.SimpleResponse`
500	服务器内部错误	`gitee_com_linmes_authms_base_dto.SimpleResponse`

Referenced Schemas

dto.ChangePasswordResponse

Field	Type	Required	Example	Constraints	Description
`code`	`integer`	No
`message`	`string`	No

gitee_com_linmes_authms_base_dto.SimpleResponse

Field	Type	Required	Example	Constraints	Description
`code`	`integer`	No
`message`	`string`	No
`timestamp`	`string`	No

Try this API in Scalar → Download OpenAPI spec (JSON) ↓

↑