@@ -173,10 +173,9 @@ What do the serialize and unserialize Methods do?
173173At the end of each request, the User object is serialized to the session.
174174On the next request, it's unserialized. To help PHP do this correctly, you
175175need to implement ``Serializable ``. But you don't need to serialize everything:
176- you only need a few fields (the ones shown above plus a few extra if you
177- decide to implement :ref: `AdvancedUserInterface <security-advanced-user-interface >`).
178- On each request, the ``id `` is used to query for a fresh ``User `` object
179- from the database.
176+ you only need a few fields (the ones shown above plus a few extra if you added
177+ other important fields to your user entity). On each request, the ``id `` is used
178+ to query for a fresh ``User `` object from the database.
180179
181180Want to know more? See :ref: `security-serialize-equatable `.
182181
@@ -326,6 +325,11 @@ and password ``admin`` (which has been encoded).
326325Forbid Inactive Users (AdvancedUserInterface)
327326---------------------------------------------
328327
328+ .. versionadded :: 4.1
329+ The ``AdvancedUserInterface `` class was deprecated in Symfony 4.1 and no
330+ alternative is provided. If you need this functionality in your application,
331+ add the ``AdvancedUserInterface `` methods to your own user class.
332+
329333If a User's ``isActive `` property is set to ``false `` (i.e. ``is_active ``
330334is 0 in the database), the user will still be able to login to the site
331335normally. This is easily fixable.
0 commit comments