Difference between #1 and #2 of How to add more information to Yii::app()->user

unchanged
Title
How to add more information to Yii::app()->user
unchanged
Category
Tutorials
unchanged
Tags
changed
Content
By default, the expression Yii::app()->user returns a [CWebUser] [application
component](http://www.yiiframework.com/doc/guide/basics.application#application-component)
which can be used to store information that are closely related with the current
user and should be persistent throughout the current user session. [CWebUser]
already comes with a [name|CWebUser::name] property that stores the username of
the current user.

In order to store more information, we need to modify the
[identity|IUserIdentity] class used together with [CWebUser]. Each application
may have one or several identity classes which are mainly responsible to provide
ways of performing user
[authentication](http://www.yiiframework.com/doc/guide/topics.auth). 

Here we use the `UserIdentity` class included in the `testdrive` application as
an example, assuming our goal is to add the ID and the last login time of the
user to [CWebUser]. We would modify `UserIdentity` as follows,

~~~
[php]
class UserIdentity extends CUserIdentity
{
	private $_id;
	
	public function authenticate()
	{
		$user=User::model()->findByAttributes(array('username'=>$this->username));
		if($user===null)
			$this->errorCode=self::ERROR_USERNAME_INVALID;
		else if($user->password!==md5($this->password))
			$this->errorCode=self::ERROR_PASSWORD_INVALID;
		else
		{
			$this->_id=$user->id;
			$this->lastLoginTime=$user->lastLoginTime;
			$this->errorCode=self::ERROR_NONE;
		}
		return !$this->errorCode;
	}
	
	public function getId()
	{
		return $this->_id;
	}
	
	public function getLastLoginTime()
	{
		return $this->getState('lastLoginTime');
	}
	
	public function setLastLoginTime($value)
	{
		return $this->setState('lastLoginTime',$value);
	}	
}
~~~

In the above we define a `lastLoginTime` property with getter/setter methods. We
also override the `getId()` method to return a private variable. The reason that
the `id` property is not defined like `lastLoginTime` is because `id` is a
pre-defined property in [CUserIdentity] and is recognized by [CWebUser]. If we
need to add more information, we should follow the way of defining
`lastLoginTime`.

In the `authenticate()` method, we retrieve the user record according to the
provided username. We populate the `id` and `lastLoginTime` properties if we
find such a user record whose password matches the provided password (meaning
successful authentication).

That's all we need. Now if we want to retrieve the `id` or `lastLoginTime`
information in our code, we can do the following:

~~~
[php]
$id=Yii::app()->user->id;
$lastLoginTime=Yii::app()->user->getState('lastLoginTime');
// starting from 1.0.3 you can use the following:
// $lastLoginTime=Yii::app()->user->lastLoginTime;
~~~

> Note: When cookie-based authentication is enabled (by setting
[CWebUser::allowAutoLogin] to be true), these persistent information will be
stored in cookie. Therefore, you should NOT store sensitive information (e.g.
password) like we do in the above.