fix

app/Http/Controllers/Auth/PasswordController.php

@@ -4,7 +4,6 @@
 
 use App\Http\Controllers\Controller;
 use App\Http\Requests\Auth\PasswordRequest;
-use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
 use Symfony\Component\HttpFoundation\Response;
 
@@ -17,17 +16,6 @@ public function update(PasswordRequest $request): Response
     {
         $validated = $request->validated();
 
-        if (! Auth::attempt([
-            'email' => $request->user()->email,
-            'password' => $validated['current_password'],
-        ])) {
-            $errors = ['current_password' => trans('auth.failed')];
-
-            return $request->expectsJson()
-                ? response()->json(['message' => $errors['current_password'], 'errors' => $errors], 400)
-                : back()->withErrors($errors);
-        }
-
         $request->user()->update([
             'password' => Hash::make($validated['password']),
         ]);

app/Http/Requests/Auth/PasswordRequest.php

@@ -9,6 +9,13 @@ class PasswordRequest extends FormRequest
 {
     use PasswordValidationRules;
 
+    /**
+     * The key to be used for the view error bag.
+     *
+     * @var string
+     */
+    protected $errorBag = 'updatePassword';
+
     /**
      * Determine if the user is authorized to make this request.
      */
@@ -25,7 +32,7 @@ public function authorize(): bool
     public function rules(): array
     {
         return [
-            'current_password' => 'required|string',
+            'current_password' => 'required|string|current_password',
             'password' => $this->passwordRules(),
         ];
     }