how to perform change password functionality?

Dear all,

Iam in process of creation an admin panel, i have used

def sign_in

   if request.get?[ :notice ] = 'Please enter your username and password'

   elsif and params[ :admin ]

      session[ :admin_id ] = nil

      @admin = Admin.authenticate(params[:admin][:email],

      if @admin

        session[ :admin_id ] =
        session[ :admin ] =

        redirect_to :action => "list"

      else[ :error ] = 'The username or password entered is




  def add

     if and params[ :admin ]

      @admin = params[ :admin ]) = params[ :admin ][ :name ] = params[ :admin ][ :email ]

      admin_password =

      @admin.password = Base64.encode64(admin_password)


        @admin = Admin.find(

        #calls the sent_order method

        # if so...
        redirect_to :action => 'list'



      # render an empty admin instance
      @admin =



my add and sign in functions are working well, and while iam using
change password method i was not able to perform the operation.

Could any one suggest on using change password option for my above
i have tried the method with following code,

def change_password

    if request.get?

      # if so ...
      @admin =

    # was this action invoked by a post request?

      admin = session[ :admin]

      admin.update_attributes(:password => params[:new_password])

      #@admin.password = params[ :old_password ]

      #@admin.update_attributes( :new_password )


           flash[:notice] = 'Password changed successfully'
           redirect_to :controller => 'admin', :action => 'list'


    else[:notice] = 'Please enter the required parameters'



Thanks in advance

Jose martin