diff --git a/api/src/auth/models.py b/api/src/auth/models.py index 67df8b3..1937ef6 100644 --- a/api/src/auth/models.py +++ b/api/src/auth/models.py @@ -1,8 +1,9 @@ -from api.database import Base from sqlalchemy import Column, Integer, String from sqlalchemy.sql.expression import text from sqlalchemy.sql.sqltypes import TIMESTAMP +from api.database import Base + class User(Base): __tablename__ = "users" diff --git a/api/src/auth/router.py b/api/src/auth/router.py index 806cf86..22be03b 100644 --- a/api/src/auth/router.py +++ b/api/src/auth/router.py @@ -1,11 +1,17 @@ -from api.database import get_db from auth import models, schemas from auth.crud import change_user_password, create_new_user, get_user_by_email -from auth.utils import create_access_token, verify, verify_reset_password_token +from auth.utils import ( + create_access_token, + get_hashed_password, + verify, + verify_reset_password_token, +) from fastapi import APIRouter, Body, Depends, HTTPException, status from fastapi.security import OAuth2PasswordRequestForm from sqlalchemy.orm import Session +from api.database import get_db + router = APIRouter(prefix="/api", tags=["auth"]) 
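Review bot: `get_hashed_password` is added to the `auth.utils` import in router.py, but no line in the visible hunks of this file calls it; the new `change_password` handler passes `new_password` straight to `change_user_password(db, user, new_password)`. If nothing else in the file uses the name, drop it from the import list. It is also worth confirming that `change_user_password` hashes the value before storing it, since its body is not shown in this diff.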
@@ -63,3 +69,26 @@ def reset_user_password( ) change_user_password(db, user, new_password) return {"message": "Password reset successfully"} + + +@router.post("/change-password/", response_model=schemas.Message) +def change_password( + user_email: str = Body(...), + old_password: str = Body(...), + new_password: str = Body(...), + db: Session = Depends(get_db), +): + user = get_user_by_email(db=db, user_email=user_email) + if not user: + raise HTTPException( + status_code=status.HTTP_404_NOT_FOUND, detail="User not found" + ) + hashed_password = user.hashed_password + if verify(plain_password=old_password, hashed_password=hashed_password): + change_user_password(db, user, new_password) + else: + raise HTTPException( + status_code=status.HTTP_400_BAD_REQUEST, + detail="Old password don't match with current password", + ) + return {"message": "Password changed successfully"} diff --git a/api/src/main.py b/api/src/main.py index 45b3ad0..414d557 100644 --- a/api/src/main.py +++ b/api/src/main.py @@ -1,10 +1,11 @@ # root of the project, which inits the FastAPI app from api.config import CORS_ORIGINS -from api.database import engine from auth import models, router from fastapi import FastAPI from fastapi.middleware.cors import CORSMiddleware +from api.database import engine + models.Base.metadata.create_all(bind=engine) app = FastAPI()
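Review bot: `change_password` selects the account from a caller-supplied `user_email` and declares no dependency on the caller's access token, so an unauthenticated client can test `old_password` guesses against any account, and the separate 404 "User not found" and 400 responses reveal which emails are registered. The handler should take the user from the authenticated session (the project's own current-user dependency, not visible in this diff) rather than from the request body, and no throttling is visible on this route. If the email has to stay in the body, return one response for both failures: `if not user or not verify(plain_password=old_password, hashed_password=user.hashed_password): raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Invalid credentials")`. `new_password` is also accepted without any length or reuse check in the handler.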