So, implementing this ability must be done in two parts:
1) Part 1 - client side:
You must implement UI simillar to what we have in web part. So for changing password you need to have 3 inputs (one for old password, two for new passwords) and button for sending data.
Before sending requests to API we need have client-side validations:
a) all inputs must be entered
b) password must be in range 6-16 symbols
c) You must check that in both 'new password' field values are equal.
So on errors on client-side validation you need to output appropriate messages
After validation passed you need to send data to api:
2) API side
URL: <host>/api/v1/change-password/
Request:
{"user_token": "<user_token>",
"prev_password": "<previous user password>",
"new_password": "<new user password>"}
Error response (user with token not exists):
{"status": 404,
"details": "not exists"}
Previous password not match (successful request, but error as logic):
OlegKlimenko
commented
7 years ago 
So, implementing this ability must be done in two parts:
1) Part 1 - client side: You must implement UI simillar to what we have in web part. So for changing password you need to have 3 inputs (one for old password, two for new passwords) and button for sending data. Before sending requests to API we need have client-side validations: a) all inputs must be entered b) password must be in range 6-16 symbols c) You must check that in both 'new password' field values are equal.
So on errors on client-side validation you need to output appropriate messages After validation passed you need to send data to api:
2) API side URL:
<host>/api/v1/change-password/Request:Error response (user with token not exists):
Previous password not match (successful request, but error as logic):
Successful change: