So far, users can now edit their profile details. Now let's give them the ability to change their password. Open start/routes.js and add the code below just after the update user profile route within the user's account route group:

// start/routes.js

Route.put('/change_password', 'UserController.changePassword');

Let's create the changePassword method. Add the code below to app/Controllers/Http/UserController.js:

// app/Controllers/Http/UserController.js

// add this to the top of the file
const Hash = use('Hash')

async changePassword ({ request, auth, response }) {
    // get currently authenticated user
    const user = auth.current.user

    // verify if current password matches
    const verifyPassword = await Hash.verify(

    // display appropriate message
    if (!verifyPassword) {
        return response.status(400).json({
            status: 'error',
            message: 'Current password could not be verified! Please try again.'

    // hash and save new password
    user.password = await Hash.make(request.input('newPassword'))

    return response.json({
        status: 'success',
        message: 'Password updated!'

We import Adonis's Hash helper at the top of the file. Just as we did with editing the user's profile, we get the details of the currently authenticated user. We make the user enter his/her current password, and then we verify the password entered against what's in the database using the Hash helper. If the passwords doesn't match, we display an appropriate message. If they match, we hash and persist the new password to the database.

Table of Contents

    Finally, we return a JSON object with a success message and the user details.

    Chimezie Enyinnaya

    16 posts

    Software Developer [PHP Laravel JavaScript NodeJS AdonisJS VueJS] | movie lover | run