Updates the password for a user account. This is a self-service action — users can only change their own password, not another user’s. The server verifies the currentPassword before applying the change.
Endpoint: USERS service — https://script.google.com/macros/s/AKfycbxAqyEcAHetH6yN4qccGILL-L3IzMSPVuVJ1kpuO86GqfDXTKP8cHrrB7UkKN1r_0g5/exec
Action: changePassword
This action verifies that the authenticated user ID (userId) matches the session token owner. A user cannot change another user’s password through this endpoint. Administrators who need to reset a password can use updateUser with a Password field in the updates object.
Request
Must be "changePassword".
The ID of the currently authenticated user.
The user’s current password. Must match the stored value exactly (case-sensitive).
The new password to set for the account.
The active session token from the user’s stored session. Used to verify the request is made by the account owner.
Response
"success" on success, "error" on failure.
"Contraseña actualizada correctamente." on success. An error message if currentPassword is incorrect, the user is not found, or the session token does not match.
Example
const USERS_ENDPOINT = 'https://script.google.com/macros/s/AKfycbxAqyEcAHetH6yN4qccGILL-L3IzMSPVuVJ1kpuO86GqfDXTKP8cHrrB7UkKN1r_0g5/exec';
const session = JSON.parse(localStorage.getItem('gpsepedia_session'));
const response = await fetch(USERS_ENDPOINT, {
method: 'POST',
headers: { 'Content-Type': 'text/plain' },
body: JSON.stringify({
action: 'changePassword',
payload: {
userId: session.ID,
currentPassword: 'oldPassword123',
newPassword: 'newSecurePass456',
sessionToken: session.SessionToken
}
}),
redirect: 'follow'
});
const result = await response.json();
if (result.status === 'success') {
console.log('Password updated successfully');
} else {
console.error(result.message); // e.g., "La contraseña actual es incorrecta."
}