UserChecker exception messages

[clytemnestra]

The default UserChecker throws certain messages like:

        if (!$user->isAccountNonLocked()) {
            $ex = new LockedException('User account is locked.');
            $ex->setUser($user);
            throw $ex;
        }

But the problem is that each of those exceptions have a method that overwrites whatever the constructor exception message is

    public function getMessageKey()
    {
        return 'Account is locked.';
    }

So the constructor message is irrelevant.

Why is there a constructor message existing, then?

This is also strange to translate, since it's not a key, it's a whole string you have to translate, and it's not even visible from the constructor, you need to translate the string returned from each exception's getMessageKey() method.

The user will never see 'User account is locked.', they will see 'Account is locked.'.

[stof]

getMessageKey gives you the translation key (which is indeed also the English message in the component, to make it easier for projects not using the translator) allowing to display a user-facing message which is safe.
The exception message itself is meant for the developer (it can appear in the logs) but should not be displayed to the end-user as it can contain sensitive information (for instance, if there is a bug in the database query used by your user provider, the exception message could contain the SQL query being run).

[clytemnestra]

Makes sense. Didn't think about projects not using translator at all. Thanks for the info!