@@ -105,6 +105,28 @@ For LDAP authentication:
105105 LdapIdentifier::CREDENTIAL_PASSWORD => 'password',
106106 ];
107107
108+ SessionAuthenticator ``identify `` Option Removed
109+ -------------------------------------------------
110+
111+ The deprecated ``identify `` option has been removed from ``SessionAuthenticator ``.
112+ Use ``PrimaryKeySessionAuthenticator `` instead if you need to fetch fresh user
113+ data from the database on each request.
114+
115+ **Before (3.x): **
116+
117+ .. code-block :: php
118+
119+ $service->loadAuthenticator('Authentication.Session', [
120+ 'identify' => true,
121+ 'identifier' => 'Authentication.Password',
122+ ]);
123+
124+ **After (4.x): **
125+
126+ .. code-block :: php
127+
128+ $service->loadAuthenticator('Authentication.PrimaryKeySession');
129+
108130 URL Checker Renamed and Restructured
109131-------------------------------------
110132
@@ -278,15 +300,20 @@ New dedicated checker for multiple login URLs:
278300 Migration Tips
279301==============
280302
281- 1. **Search and Replace **:
303+ 1. **Session Identify **:
304+
305+ If you used ``'identify' => true `` on ``SessionAuthenticator ``, switch to
306+ ``PrimaryKeySessionAuthenticator `` which always fetches fresh data.
307+
308+ 2. **Search and Replace **:
282309
283310 - ``AbstractIdentifier::CREDENTIAL_ `` → ``PasswordIdentifier::CREDENTIAL_ ``
284311 - ``IdentifierCollection `` → ``IdentifierFactory ``
285312 - ``'Authentication.CakeRouter' `` → Remove (no longer needed, default is now CakePHP-based)
286313 - ``CakeRouterUrlChecker `` → ``DefaultUrlChecker ``
287314 - Old 3.x ``DefaultUrlChecker `` → ``StringUrlChecker ``
288315
289- 2 . **String URL Checking **:
316+ 3 . **String URL Checking **:
290317
291318 If you want to use string-only URL checking, explicitly configure
292319 ``StringUrlChecker ``:
@@ -298,17 +325,17 @@ Migration Tips
298325 'loginUrl' => '/users/login',
299326 ]);
300327
301- 3 . **Multiple Login URLs **:
328+ 4 . **Multiple Login URLs **:
302329
303330 If you have multiple login URLs, add ``'urlChecker' => 'Authentication.Multi' ``
304331 to your authenticator configuration.
305332
306- 4 . **Custom Identifier Setup **:
333+ 5 . **Custom Identifier Setup **:
307334
308335 If you were passing ``IdentifierCollection `` to authenticators, switch to
309336 either passing a single identifier or null (to use defaults).
310337
311- 5 . **Test Thoroughly **:
338+ 6 . **Test Thoroughly **:
312339
313340 The changes to identifier management and URL checking are significant.
314341 Test all authentication flows after upgrading.
0 commit comments