feat: Implement Secure Change Password Flow with Re-authentication and Audit Logging

[Raaaghavagrawal]

Summary

This PR introduces a secure Change Password functionality for authenticated users within the account settings. It resolves an existing security and compliance gap by allowing users to update their credentials safely while enforcing password policies and requiring re-authentication.

Screenshots Or Recordings

Changes

Change Password Feature

1. Added a dedicated Change Password section in account/profile settings
2. Implemented input fields:
   a. Current password
   b. New password
   c. Confirm new password

Re-authentication

1. Integrated Firebase re-authentication before allowing password updates
2. Ensures that only recently authenticated users can change their password

Password Validation

1. Enforced password policy including minimum length and strength checks
2. Validated confirm password match
3. Prevented weak or invalid password patterns where applicable

Error Handling and UX

1. Added clear and user-friendly error messages for:
   a. Incorrect current password
   b. Validation failures
   c. Re-authentication errors
2. Implemented graceful handling of authentication-layer errors
3. Displayed success confirmation on successful password update

Telemetry and Audit Logging

1. Added logging for password change attempts including:
   a. User identifier
   b. Timestamp
   c. Status (success/failure)
   d. Failure reason (if applicable)
2. Ensured no sensitive data (e.g., plaintext passwords) is logged

Testing

1. Tested successful password change flow
2. Tested incorrect current password scenario
3. Tested weak/invalid password rejection
4. Tested re-authentication failure cases
5. Added test coverage for validation logic and error handling

Security Considerations

1. Enforced recent authentication before password updates
2. Verified current password before allowing change
3. Applied password complexity rules
4. Prevented exposure of sensitive data in logs
5. Ensured secure handling of authentication flows

Checklist

✅Authenticated user can change password with correct current password
✅Incorrect current password handled with clear and secure error message
✅Password policy (length and strength) enforced
✅Re-authentication required before password update
✅Validation and auth errors handled gracefully
✅Success confirmation displayed to user
✅Session behavior handled after password change
✅Audit logging implemented for password change attempts
✅No sensitive data (passwords) logged
✅Basic test coverage added for validation and error cases

Out of Scope

✅Mandatory periodic password rotation policy

[yuvraj-shishodia]

The changes in this PR are quite extensive, especially around the change password flow. Additionally, some dependencies have been downgraded, and multiple unnecessary files have been introduced. There are also merge conflicts present.

Given the scale and nature of these changes, it would not be safe to merge this PR in its current state, so I am closing it for now.