add an example

symfony · lacatoire · Jan 27, 2026 · Jan 28, 2026 · Jan 28, 2026 · 1de858a882fa5e336a1d182ae86419944cc5479d
commit 1de858a882fa5e336a1d182ae86419944cc5479d
diff --git a/security/login_link.rst b/security/login_link.rst
@@ -410,6 +410,34 @@ The properties are fetched from the user object using the
     Signature properties can be enum values (both ``UnitEnum`` and backed enums).
     Changing the enum case automatically invalidates existing login links.
 
+A common use case is to invalidate all existing login links when a user's
+security-related state changes (for example after requesting a password reset).
+
+For example, you can include an enum value in the signature properties::
+
+    enum LoginState: string
+    {
+        case ACTIVE = 'active';
+        case PASSWORD_RESET = 'password_reset';
+    }
+
+    class User
+    {
+        private LoginState $loginState;
+
+
+        public function getLoginLinkSignatureProperties(): array
+        {
+            return [
+                'login_state' => $this->loginState,
+            ];
+        }
+    }
+
+
+When the ``LoginState`` changes (e.g. from ``ACTIVE`` to ``PASSWORD_RESET``),
+all previously generated login links for that user become invalid automatically.
+
 Configure a Maximum Use of a Link
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~