如果在用户登录后想额外调用除 user,id之外的数据库变量,可以这样设置:
在登陆验证时候增加额外项:Yii::app()->user->last_login_time
在UserIdentity.php中

class UserIdentity extends CUserIdentity  
{  
    $this->setState('last_login_time',$user->last_login_time);  
}  

如此,在应用程序的任何地方,这个属性可以通过如下获取:Yii::app()->user->last_login_time
再重新登录看看,

public function setState($key, $value, $defaultValue = null) {  
    $key = $this->getStateKeyPrefix() . $key;  
    if ($value === $defaultValue)  
        unset($_SESSION[$key]);  
    else  
        $_SESSION[$key] = $value;  
}  

其实他将信息放到session中了
其中的user是yii的一个components.需要在protected/config/main.php中定义

'user'=>array(  
        // enable cookie-based authentication  
        'allowAutoLogin'=>true,  
        'loginUrl' => array('site/login'),  
), 

通过扩展CWebUser添加信息到Yii:app()->user
步骤:1、添加$user属性到UserIdentity类。 添加getUser()方法-getter上面这个属性。加setUser($user)方法-setter上面这个属性,它可以赋值给user的信息通过$user这个属性。
用户信息存到数据库表里
我的UserIdentity类例子:

<?php  
class UserIdentity extends CUserIdentity {  
    /** 
     * User's attributes 
     * @var array 
     */  
    public $user;  
  
    public function authenticate() {  
        $this->errorCode = self::ERROR_PASSWORD_INVALID;  
        $user = User::model()->findByAttributes(array('email' => CHtml::encode($this->username)));  
        if ($user) {  
            if ($user->password === md5($user->salt . $this->password)) {  
                $this->errorCode = self::ERROR_NONE;  
                $this->setUser($user);  
            }  
        }  
        unset($user);  
        return !$this->errorCode;  
    }  
  
    public function getUser() {  
        return $this->user;  
    }  
  
    public function setUser(CActiveRecord $user) {  
        $this->user = $user->attributes;  
    }  
}  
  
?>  

现在用户的属性已经设置,创建WebUser类并把它放在/protected/components

<?php  
class WebUser extends CWebUser {  
    public function __get($name) {  
        if ($this->hasState('__userInfo')) {  
            $user = $this->getState('__userInfo', array());  
            if (isset($user[$name])) {  
                return $user[$name];  
            }  
        }  
  
        return parent::__get($name);  
    }  
  
    public function login($identity, $duration) {  
        $this->setState('__userInfo', $identity->getUser());  
        parent::login($identity, $duration);  
    }  
  
    public function getIsGuest() {  
        $customer = Yii::app()->session->get('customer');  
        return $customer === null || $customer['id'] === null;  
    }  
}  
?>  

记得设置一下这个类Yii::app()->user

<?php  
'components'=>array(  
    'user'=>array(  
        'class'=>'WebUser',  
    )  
)  
?>   

调用方法

Yii::app()->user->getIsGuest()

2用户信息存到单独的文件

<?php  
class WebUser extends CWebUser  
{  
    public function getReturnUrl($defaultUrl=null)  
    {     
        $userInfo = $this->getUserInfo();  
        if(isset($userInfo['url'])){  
            return $userInfo['url'];  
        }  
        return parent::getReturnUrl($defaultUrl);  
    }  
  
    protected function afterLogin($fromCookie)  
    {  
        parent::afterLogin($fromCookie);  
        $users = require(dirname(__FILE__) . '/../config/password.php');  
  
        $this->setState('userInfo',$users[$this->getName()]);  
    }  
  
    public function getUserInfo()  
    {  
        return $this->getState('userInfo',array());  
    }  
//accessRules  roles  
    public function checkAccess($operation,$params=array(),$allowCaching=true)  
    {  
        $userInfo = $this->getUserInfo();  
        if($userInfo['group'] == $operation){  
            return true;  
        }  
        return parent::checkAccess($operation,$params,$allowCaching);  
    }  
}  

password.php

<?php  
  
return array(  
    'dianyin'           => array(  
        'pwd'           => 'dianyinXX',  
        'url'           => array('dianyin/order/index'),  
        'merchant_id'   => 1,  
        'group'         => 'dianyin',  
     ),  
    'boer' => array(  
        'pwd'           => 'boerXX',  
        'url'           =>  array('third_jifen/default/index'),  
        'merchant_id'   => 1,  
        'group'         => 'jifen',  
    ),  
);  

权限checkAccess结合roles

public function accessRules()  
{  
    return array(  
        array('allow', // allow authenticated users to access all actions  
            'roles'=>array('jifen'),  
        ),  
        array('allow',  // deny all users  
            'actions'=>array('login','logout'),  
            'users'=>array('*'),  
        ),    
        array('deny',  // deny all users  
            'users'=>array('*'),  
        ),  
      
    );  
}  

转自:http://hudeyong926.iteye.com/blog/1338494