applied code review suggestions on docs

sammyskills · sammyskills · commit 03351e0255f9 · 2023-02-02T20:28:17.000+01:00
diff --git a/docs/forcing_password_reset.md b/docs/forcing_password_reset.md
@@ -0,0 +1,67 @@
+# Forcing Password Reset
+
+Depending on the scope of your application, there may be times when you'll decide that it is absolutely necessary to force user(s) to reset their password. This practice is common when you find out that users of your application do not use strong passwords OR there is a reasonable suspicion that their passwords have been compromised. This guide provides you with ways to achieve this.
+
+- [Forcing Password Reset](#forcing-password-reset)
+  - [Available Methods](#available-methods)
+    - [Check if a User Requires Password Reset](#check-if-a-user-requires-password-reset)
+    - [Force Password Reset On a User](#force-password-reset-on-a-user)
+    - [Removing Password Reset Flag On a User](#removing-password-reset-flag-on-a-user)
+    - [Force Password Reset On Multiple Users](#force-password-reset-on-multiple-users)
+    - [Force Password Reset On All Users](#force-password-reset-on-all-users)
+
+## Available Methods
+
+Shield provides a way to enforce password resets throughout your application. The `Resettable` trait on the `User` entity and the `UserIdentityModel` provides the following methods to do so.
+
+### Check if a User Requires Password Reset
+
+When you need to check if a user requires password reset, you can do so using the `requiresPasswordReset()` method on the `User` entity. Returns boolean `true`/`false`.
+
+```php
+if ($user->requiresPasswordReset()) {
+    //...
+}
+```
+
+### Force Password Reset On a User
+
+To force password reset on a user, you can do so using the `forcePasswordReset()` method on the `User` entity. Returns boolean `true`/`false`.
+
+```php
+$user->forcePasswordReset();
+```
+
+### Remove Force Password Reset Flag On a User
+
+Undoing or removing the force password reset flag on a user can be done using the `undoForcePasswordReset()` method on the `User` entity. Returns boolean `true`/`false`.
+
+```php
+$user->undoForcePasswordReset();
+```
+
+### Force Password Reset On Multiple Users
+
+If you see the need to force password reset for more than one user, the `forceMultiplePasswordReset()` method of the `UserIdentityModel` allows you to do this easily. It accepts an `Array` of user IDs.
+
+```php
+use CodeIgniter\Shield\Models\UserIdentityModel;
+...
+...
+...
+$identities = new UserIdentityModel();
+$identities->forceMultiplePasswordReset([1,2,3,4]);
+```
+
+### Force Password Reset On All Users
+
+If you suspect a security breach or compromise in the passwords of your users, you can easily force password reset on all the users of your application using the `forceGlobalPasswordReset()` method of the `UserIdentityModel`.
+
+```php
+use CodeIgniter\Shield\Models\UserIdentityModel;
+...
+...
+...
+$identities = new UserIdentityModel();
+$identities->forceGlobalPasswordReset();
+```
diff --git a/docs/index.md b/docs/index.md
@@ -6,6 +6,7 @@
 * [Authentication](authentication.md)
 * [Authorization](authorization.md)
 * [Auth Actions](auth_actions.md)
+* [Forcing Password Reset](forcing_password_reset.md)
 * [Events](events.md)
 * [Testing](testing.md)
 * [Customization](customization.md)
diff --git a/docs/quickstart.md b/docs/quickstart.md
@@ -30,12 +30,6 @@ Learning any new authentication system can be difficult, especially as they get
     - [Creating Users](#creating-users)
     - [Deleting Users](#deleting-users)
     - [Editing a User](#editing-a-user)
-  - [Forcing Password Reset](#forcing-password-reset)
-    - [requiresPasswordReset()](#requirespasswordreset)
-    - [forcePaswordReset()](#forcepasswordreset)
-    - [undoForcePasswordReset()](#undoforcepasswordreset)
-    - [forceMultiplePasswordReset()](#forcemultiplepasswordreset)
-    - [forceGlobalPasswordReset()](#forceglobalpasswordreset)
 
 ## Authentication Flow
 
@@ -318,61 +312,3 @@ $user->fill([
 ]);
 $users->save($user);
 ```
-
-## Forcing Password Reset
-
-Shield provides a way to enforce password resets throughout your application. The `Resettable` trait on the `User` entity provides the following utility methods to do so.
-
-#### requiresPasswordReset()
-
-Allows you to check if a user requires password reset. Returns boolean `true`/`false`.
-
-```php
-if ($user->requiresPasswordReset()) {
-    //...
-}
-```
-
-#### forcePasswordReset()
-
-Allows you to force password reset on a user. Returns boolean `true`/`false`.
-
-```php
-$user->forcePasswordReset();
-```
-
-#### undoForcePasswordReset()
-
-Allows you to undo or remove the force password reset flag on a user. Returns boolean `true`/`false`.
-
-```php
-$user->undoForcePasswordReset();
-```
-
-There are times when you might want to force password reset on multiple users or for all users in your application, maybe due to security breach. The `UserIdentityModel` provides methods to do this easily.
-
-#### forceMultiplePasswordReset()
-
-This allows you to force password reset for multiple users. Accepts an array of user IDs.
-
-```php
-use CodeIgniter\Shield\Models\UserIdentityModel;
-...
-...
-...
-$identities = new UserIdentityModel();
-$identities->forceMultiplePasswordReset([1,2,3,4]);
-```
-
-#### forceGlobalPasswordReset()
-
-This allows you to force password reset all the users in your application.
-
-```php
-use CodeIgniter\Shield\Models\UserIdentityModel;
-...
-...
-...
-$identities = new UserIdentityModel();
-$identities->forceGlobalPasswordReset();
-```
