mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-08-02 06:10:14 +02:00
Code Issues Releases Wiki Activity

Simplify documentation for 'changePasswordWithoutOldPassword'

Browse Source
This commit is contained in:
Marco
2017-09-26 22:35:16 +02:00
parent f0bdd7b63e
commit 50220d463b
1 changed files with 1 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
README.md
View File

@@ -312,21 +312,7 @@ catch (\Delight\Auth\TooManyRequestsException $e) {
Asking the user for their current (and soon *old*) password and requiring it for verification is the recommended way to handle password changes. This is shown above. Asking the user for their current (and soon *old*) password and requiring it for verification is the recommended way to handle password changes. This is shown above.
If youre sure that you dont need that confirmation, however, you may use the following method instead: If youre sure that you dont need that confirmation, however, you may call `changePasswordWithoutOldPassword` instead of `changePassword` and drop the first parameter from that method call (which would otherwise contain the old password).
```php
try {
$auth->changePasswordWithoutOldPassword($_POST['newPassword']);
// password has been changed
}
catch (\Delight\Auth\NotLoggedInException $e) {
// not logged in
}
catch (\Delight\Auth\InvalidPasswordException $e) {
// invalid password
}
```
In any case, after the users password has been changed, you should send an email to their accounts primary email address as an out-of-band notification informing the account owner about this critical change. In any case, after the users password has been changed, you should send an email to their accounts primary email address as an out-of-band notification informing the account owner about this critical change.