how to perform change password functionality?

Dear all,

Iam in process of creation an admin panel, i have used

def sign_in

   if request.get?

      flash.now[ :notice ] = 'Please enter your username and password'

   elsif request.post? and params[ :admin ]

      session[ :admin_id ] = nil

      @admin = Admin.authenticate(params[:admin][:email],
                                  params[:admin][:password])

      if @admin

        session[ :admin_id ] = @admin.id
        session[ :admin ] = @admin.name

        redirect_to :action => "list"

      else

        flash.now[ :error ] = 'The username or password entered is
incorrect'

      end

    end

  end

  def add

     if request.post? and params[ :admin ]

      @admin = Admin.new( params[ :admin ])

      @admin.name = params[ :admin ][ :name ]

      @admin.email = params[ :admin ][ :email ]

      admin_password =
Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{@admin.name}--")[0,6]

      @admin.password = Base64.encode64(admin_password)

      if @admin.save

        @admin = Admin.find(@admin.id)

        #calls the sent_order method
        Adminpassword.deliver_sent(@admin)

        # if so...
        redirect_to :action => 'list'

      end

    else

      # render an empty admin instance
      @admin = Admin.new

    end

  end

my add and sign in functions are working well, and while iam using
change password method i was not able to perform the operation.

Could any one suggest on using change password option for my above
controller,
i have tried the method with following code,

def change_password

    if request.get?

      # if so ...
      @admin = Admin.new

    # was this action invoked by a post request?
    elsif request.post?

      admin = session[ :admin]

      admin.update_attributes(:password => params[:new_password])

      #@admin.password = params[ :old_password ]

      #@admin.update_attributes( :new_password )

      if admin.save

           flash[:notice] = 'Password changed successfully'
           redirect_to :controller => 'admin', :action => 'list'

                      end

    else

      flash.now[:notice] = 'Please enter the required parameters'

    end

  end

Thanks in advance

Regards,
Jose martin