mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-08-03 14:47:30 +02:00
Code Issues Releases Wiki Activity

Improve documentation on password reset by dividing it into steps

Browse Source
This commit is contained in:
Marco
2018-03-10 17:47:03 +01:00
parent 477164e8ec
commit a1ae66374b
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@@ -228,6 +228,8 @@ Omit the third parameter or set it to `null` to disable the feature. Otherwise,
### Password reset (“forgot password”) ### Password reset (“forgot password”)
#### Step 1 of 3: Initiating the request
```php ```php
try { try {
$auth->forgotPassword($_POST['email'], function ($selector, $token) { $auth->forgotPassword($_POST['email'], function ($selector, $token) {
@@ -256,6 +258,8 @@ You should build an URL with the selector and token and send it to the user, e.g
$url = 'https://www.example.com/reset_password?selector=' . \urlencode($selector) . '&token=' . \urlencode($token); $url = 'https://www.example.com/reset_password?selector=' . \urlencode($selector) . '&token=' . \urlencode($token);
``` ```
#### Step 2 of 3: Verifying an attempt
As the next step, users will click on the link that they received. Extract the selector and token from the URL. As the next step, users will click on the link that they received. Extract the selector and token from the URL.
If the selector/token pair is valid, let the user choose a new password: If the selector/token pair is valid, let the user choose a new password:
@@ -294,6 +298,8 @@ if ($auth->canResetPassword($_GET['selector'], $_GET['token'])) {
} }
``` ```
#### Step 3 of 3: Updating the password
Now when you have the new password for the user (and still have the other two pieces of information), you can reset the password: Now when you have the new password for the user (and still have the other two pieces of information), you can reset the password:
```php ```php