feat(web): change password (#7676)

Add the ability for users to change their password from their user settings, without requiring them to use the reset password workflow. User's are required to create a elevated session in order to change their password. Users may not change their password to their current password. The user's current password is required for the password change. Users must follow any established password policies. Administrators are able to turn this feature off.

Closes #3548

1 files changed, 13 insertions, 4 deletions

diff --git a/internal/authentication/user_provider.go b/internal/authentication/user_provider.go
index 516345d15..9d56e65cd 100644
--- a/internal/authentication/user_provider.go
+++ b/internal/authentication/user_provider.go
@@ -4,14 +4,23 @@ import (
 	"github.com/authelia/authelia/v4/internal/model"
 )
 
-// UserProvider is the interface for checking user password and
-// gathering user details.
+// UserProvider is the interface for interacting with the authentication backends.
 type UserProvider interface {
 	model.StartupCheck
 
-	CheckUserPassword(username, password string) (valid bool, err error)
+	// CheckUserPassword is used to check if a password matches for a specific user.
+	CheckUserPassword(username string, password string) (valid bool, err error)
+
+	// GetDetails is used to get a user's information.
 	GetDetails(username string) (details *UserDetails, err error)
+
 	GetDetailsExtended(username string) (details *UserDetailsExtended, err error)
-	UpdatePassword(username, newPassword string) (err error)
+
+	// UpdatePassword is used to change a user's password without verifying their old password.
+	UpdatePassword(username string, newPassword string) (err error)
+
+	// ChangePassword is used to change a user's password but requires their old password to be successfully verified.
+	ChangePassword(username string, oldPassword string, newPassword string) (err error)
+
 	Shutdown() (err error)
 }