new_password2 validation is wrong when new_password does not validate (password strength)

[maxpeterson]

trafficstars

If you post two matching passwords that do not fulfil the password strength validation rules then the endpoint responds that new_password2 does not match

{
  "new_password": ["Password must have at least one upper case letter, one lower case letter, and one number."], 
  "new_password2": ["Your new passwords do not match."]
}

[kevinetienne]

When updating and changing a password we have 2 validators:

• password_strength_validation
• validate_new_password2

If password_strength_validation raises an error the value for new_password would not be in the data and validate_new_password2 will raise another error as new_password would be None.

Looks like we should have a validate method where we can decide on the order of the validation.