diff --git a/catalyst/auth-bundle/Entity/User.php b/catalyst/auth-bundle/Entity/User.php
index 139a6823..a2ea04da 100644
--- a/catalyst/auth-bundle/Entity/User.php
+++ b/catalyst/auth-bundle/Entity/User.php
@@ -3,9 +3,12 @@
 namespace Catalyst\AuthBundle\Entity;
 
 use Doctrine\ORM\Mapping as ORM;
+use Doctrine\Common\Collections\ArrayCollection;
+use Serializable;
+use Symfony\Component\Security\Core\User\UserInterface;
 
 // base User class
-abstract class User
+abstract class User implements UserInterface,Serializable
 {
 	// NOTE: doctrine annotations for roles have to be declared on the child class
     protected $roles;
diff --git a/catalyst/auth-bundle/Exception/AccountDisabledException.php b/catalyst/auth-bundle/Exception/AccountDisabledException.php
new file mode 100644
index 00000000..054d52f7
--- /dev/null
+++ b/catalyst/auth-bundle/Exception/AccountDisabledException.php
@@ -0,0 +1,13 @@
+<?php
+
+namespace Catalyst\AuthBundle\Exception;
+
+use Symfony\Component\Security\Core\Exception\AccountStatusException;
+
+class AccountDisabledException extends AccountStatusException
+{
+    public function getMessageKey()
+    {
+        return 'Account has been disabled.';
+    }
+}
diff --git a/catalyst/auth-bundle/Service/UserChecker.php b/catalyst/auth-bundle/Service/UserChecker.php
new file mode 100644
index 00000000..7c55af1b
--- /dev/null
+++ b/catalyst/auth-bundle/Service/UserChecker.php
@@ -0,0 +1,30 @@
+<?php
+
+namespace Catalyst\AuthBundle\Service;
+
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Core\User\UserCheckerInterface;
+use Catalyst\AuthBundle\Entity\User;
+use Catalyst\AuthBundle\Exception\AccountDisabledException;
+
+class UserChecker implements UserCheckerInterface
+{
+    public function checkPreAuth(UserInterface $user)
+    {
+        // do nothing
+        return;
+    }
+
+    public function checkPostAuth(UserInterface $user)
+    {
+        // handle catalyst suth users
+        if (!($user instanceof User))
+            return;
+        
+        // check if enabled
+        if (!$user->isEnabled())
+        {
+            throw new AccountDisabledException("Account has been disabled.");
+        }
+    }
+}
diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 1911adb5..c8deb304 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -35,6 +35,7 @@ security:
             simple_preauth:
                 authenticator: Catalyst\APIBundle\Security\APIKeyAuthenticator
             provider: api_key_user_provider
+            user_checker: Catalyst\AuthBundle\Service\UserChecker
 
         main:
             provider: user_provider
@@ -48,6 +49,7 @@ security:
                 secret: '%env(APP_SECRET)%'
                 lifetime: 604800
                 path: /
+            user_checker: Catalyst\AuthBundle\Service\UserChecker
 
             # activate different ways to authenticate
 
diff --git a/config/services.yaml b/config/services.yaml
index 79bb6314..a0dbb56c 100644
--- a/config/services.yaml
+++ b/config/services.yaml
@@ -53,6 +53,8 @@ services:
             $user_class: "App\\Entity\\User"
         tags: ['security.voter']
 
+    Catalyst\AuthBundle\Service\UserChecker:
+
     App\Service\FileUploader:
         arguments:
             $target_dir: '%image_upload_directory%'
diff --git a/src/Entity/User.php b/src/Entity/User.php
index 0a071957..09c90e7c 100644
--- a/src/Entity/User.php
+++ b/src/Entity/User.php
@@ -4,12 +4,10 @@ namespace App\Entity;
 
 use Catalyst\AuthBundle\Entity\User as BaseUser;
 
-use Symfony\Component\Security\Core\User\AdvancedUserInterface;
 use Doctrine\ORM\Mapping as ORM;
 use Doctrine\Common\Collections\ArrayCollection;
 use Symfony\Component\Validator\Constraints as Assert;
 use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
-use Serializable;
 
 /**
  * @ORM\Entity
@@ -17,7 +15,7 @@ use Serializable;
  * @UniqueEntity("username")
  * @UniqueEntity("email")
  */
-class User extends BaseUser implements AdvancedUserInterface, Serializable
+class User extends BaseUser
 {
     /**
      * @ORM\Id