By default, the expression Yii::app()->user returns a CWebUser application component which represents the information that are closely related with the current user. Some information can be persistent throughout the current user session. For example, CWebUser already comes with a name property that stores the username of the current user.
In this cookbook I will attempt to explain how to use the lightweight version of Role-Based Access Control using a php file. This version does not use database but a php file and is controlled by CPhpAuthManager class.
Update: This wiki has been rewritten to be in line with Yii 1.1.14. Since many of the detailed complexities are now handled by Yii, the article focuses on how the crypt() built-in function works and why it's important to use it correctly.