fix: Use with-error-handling macro in password APIs

Changed password change and reset APIs to use with-error-handling
macro instead of handler-case for consistency with refactored codebase.

This ensures proper error handling using our custom condition system.

auth-routes.lisp

@@ -110,7 +110,7 @@
 (define-api asteroid/user/change-password (current-password new-password) ()
   "API endpoint for users to change their own password"
   (require-authentication)
-  (handler-case
+  (with-error-handling
     (if (and current-password new-password)
         (let* ((current-user (auth:current-user))
                (username (gethash "username" current-user))
@@ -131,17 +131,13 @@
                           :status 401)))
         (api-output `(("status" . "error")
                       ("message" . "Missing required fields"))
-                      :status 400))
+                    :status 400))))
-    (error (e)
-      (api-output `(("status" . "error")
-                    ("message" . ,(format nil "Error changing password: ~a" e)))
-                  :status 500))))
 
 ;; API: Reset user password (admin only)
 (define-api asteroid/admin/reset-password (username new-password) ()
   "API endpoint for admins to reset any user's password"
   (require-role :admin)
-  (handler-case
+  (with-error-handling
     (if (and username new-password)
         (let ((user (find-user-by-username username)))
           (if user
@@ -156,8 +152,4 @@
                           :status 404)))
         (api-output `(("status" . "error")
                       ("message" . "Missing required fields"))
-                      :status 400))
+                    :status 400))))
-    (error (e)
-      (api-output `(("status" . "error")
-                    ("message" . ,(format nil "Error resetting password: ~a" e)))
-                  :status 500))))