function logic for password verification using bcrypt that is getting a double render error

Question

working on a Passwords_Controller that allows the password to be changed, also validates if the user is using same password, or if they are trying to use different password, and another password to confirm. I have it set to "redirect_to" to my dashboard controller that lands them back to be the page to enter the password again before user is updated with new password.

currently I am getting a DoubleRenderError. I have some "puts" with extrapolation see if the logic is passing through the controller and rendering I'm new to rails, so i'm not exactly sure if its my redirect statements that are stopping the validation of old pw, new password - confirm password logic in my controller, or I have too many if statements that is forcing the controller to do double render.

(output of on the terminal with statements for error)

    Redirected to http://127.0.0.1:3000/dashboard
true
is this working asdf <~~ test username
is this also working $2a$12$d5WadQunMyww2r4lnmqgveoXaq6WO6hNXvsG/h3RxqUxGFCp6tnWm
Redirected to 
Completed 500 Internal Server Error in 738ms (ActiveRecord: 9.1ms | Allocations: 6474)
  
AbstractController::DoubleRenderError (Render and/or redirect were called multiple times in this action. Please note that you may only call render OR redirect, and at most once per action. Also note that neither redirect nor render terminate execution of the action, so if you want to exit an action after redirecting, you need to do something like "redirect_to(...) and return".):

this is my password controller

    require 'bcrypt'

class PasswordsController < ApplicationController
    include BCrypt

    def passwordchanged
    end

    def update
        user = current_user;

        #user entered correct password
        if user.authenticate(params[:password])
            helpers.flash_message :danger, "current password doesnt match"
            redirect_to '/dashboard'
        end
        
        puts "#{user.authenticate(params[:password])}"
        puts "is this working #{params[:new_password]}" 
        puts "is this also working #{Password.new(user.password)}" 
        
        #if new password is the same as new password, doesnt not save
        if Password.new(user.password) == params[:new_password]
            helpers.flash_message :danger, "new password can't match current password, please try again"
            redirect_to '/login'
        end
        puts "#{redirect_to '/login'}"

        #if new password doesnt match confirm password
        if params[:new_password] != params[:new_password_confirm]
            helpers.flash_message :danger, "password, password confirm needs to match"
            redirect_to '/dashboard'
        end

        puts "#{params[:new_password] != params[:new_password_confirm]}"

        
        #create a new password and save the user ID
        user.password = params[:new_password] 
        user.save
        
        helpers.flash_message :success, "change successful, logout for new session"
        redirect_to '/passwordchangesuccess'
    end
end

this is my Application Controller

    class ApplicationController < ActionController::Base
  helper_method :current_user

  def current_user
    User.find_by(id: session[:user_id])
  end

  def authenticate_user!
      redirect_to '/login' unless current_user 
  end
end