From 91f50a80bb1d7e079665667178d40a4ca30c9029 Mon Sep 17 00:00:00 2001 From: Marco Date: Fri, 4 Aug 2017 00:45:41 +0200 Subject: [PATCH] Document method 'changePasswordWithoutOldPassword' from class 'Auth' --- README.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/README.md b/README.md index c388360..c9cc31e 100644 --- a/README.md +++ b/README.md @@ -305,6 +305,24 @@ catch (\Delight\Auth\InvalidPasswordException $e) { } ``` +Asking the user for their current (and soon *old*) password and requiring it for verification is the recommended way to handle password changes. This is shown above. + +If you’re sure that you don’t need that confirmation, however, you may use the following method instead: + +```php +try { + $auth->changePasswordWithoutOldPassword($_POST['newPassword']); + + // password has been changed +} +catch (\Delight\Auth\NotLoggedInException $e) { + // not logged in +} +catch (\Delight\Auth\InvalidPasswordException $e) { + // invalid password +} +``` + ### Changing the current user's email address If a user is currently logged in, they may change their email address.