Merge branch 'master' of github.com:neroniaky/angular2-token

arjenbrandenburgh · arjenbrandenburgh · commit 47fcc38b5983 · 2018-07-24T08:37:56.000+02:00
diff --git a/.gitignore b/.gitignore
@@ -14,8 +14,11 @@ npm-debug.log
 .DS_Store
 **/.DS_Store
 
-# VSCode config
+# Ignore VSCode Config
 .vscode
 
+# JetBrains
+.idea
+
 # Yarn
 yarn-error.log
diff --git a/README.md b/README.md
@@ -267,16 +267,29 @@ this.tokenService.validateToken().subscribe(
 ```
 
 ### .updatePassword()
-Updates the password for the logged in user.
-`updatePassword({password: string, passwordConfirmation: string, passwordCurrent: string, userType?: string, resetPasswordToken?: string}): Observable<Response>`
+Updates the password for the logged in user. Note that there are two main flows that this is used for - 
+a user changing their password while they are already logged in and a "forgot password" flow where the user is doing an 
+update via the link in a reset password email. 
+
+For a normal password update, you need to send the new password twice, for confirmation and you may also have to send 
+the current password for extra security. The setting "check_current_password_before_update" in the Devise Token Auth 
+library is used to control if the current password is required or not.
+
+For the reset password flow where the user is not logged in, this library does not currently support a password update 
+via this updatePassword call. This is because an update password call in that scenario requires the auth headers to be 
+created from the query strings in the redirected URL sent from the server once the email reset link is clicked. 
+You will need to provide this functionality yourself and use the .request() method below to send a PUT to the password 
+endpoint with the correct headers. Your code should copy over the client_id, expiry, token and uid query string 
+values from the redirected URL into their respective header properties.
+
+`updatePassword({password: string, passwordConfirmation: string, passwordCurrent: string, userType?: string}): Observable<Response>`
 
 #### Example:
 ```javascript
 this.tokenService.updatePassword({
     password:             'newPassword',
     passwordConfirmation: 'newPassword',
     passwordCurrent:      'oldPassword',
-    resetPasswordToken:   'resetPasswordToken',
 }).subscribe(
     res =>      console.log(res),
     error =>    console.log(error)
