Admins can change passwords. Request user confirmation to open gate

src/routers/admins.py

@@ -6,7 +6,7 @@ from sqlalchemy.orm import Session
 from core.auth import hash_password
 from core.database import AdminUser, get_db
 from core.dependencies import require_admin
-from core.schemas import AdminUserCreate, AdminUserResponse
+from core.schemas import AdminUserCreate, AdminUserResponse, AdminPasswordChange
 
 router = APIRouter(prefix="/api/admin/admins", tags=["admin-admins"])
 
@@ -53,3 +53,19 @@ async def delete_admin(
         raise HTTPException(409, "Cannot delete the last admin account")
     db.delete(user)
     db.commit()
+
+
+@router.patch("/{username}/password", status_code=204)
+async def change_password(
+    username: str,
+    req: AdminPasswordChange,
+    db: Session = Depends(get_db),
+    _: dict = Depends(require_admin),
+):
+    if not req.new_password:
+        raise HTTPException(422, "Password cannot be empty")
+    user: Optional[AdminUser] = db.query(AdminUser).filter_by(username=username).first()
+    if not user:
+        raise HTTPException(404, "Admin not found")
+    user.password_hash = hash_password(req.new_password)
+    db.commit()