when I update data in the User model, the Auth data is not updated.

How can I "refresh" the data which is returned by $this->Auth->user() when I am updating user model ?

and I don't want to use

$this->Auth->login($data);

after updating my user table

I tried the following line. Its works well form me After modify the user data i written the following line

 $this->Session->write('Auth', $this->User->read(null, $this->Auth->User('id')));

Write the updated data to the Session eg:

$this->Session->write('Auth.User', $data);

Before CakePHP 2.x you can't do this in the model without break the framework design.

With CakePHP 2.x you can load the Session Component from models and update it.

evert0ns answer is right. But you should use AuthComponent::login(), because the data is saved within the AuthComponent as well and is not fetched from the session every time.

I had the problem just a couple of days ago.

// AppController.php
/**
 * Renews current user data, e.g. in case of an email address change while being logged in.
 *
 * @param array $newUserData
 * @return void
 */
    protected function renewUserSession($newUserData){
            if(!isset($newUserData) || empty($newUserData)){
                    return;
            }

            // We need to fetch the current user data so custom indexes are copied
            $currentUserData = $this->Auth->user();
            if(!isset($currentUserData) || empty($currentUserData)){
                    return;
            }

            // Merge old with new data
            $newUserData = array_merge($currentUserData, $newUserData);

            // Login with new data
            $this->Auth->login($newUserData);
    }

Source: my paste

Put this in your AppController. The method is specialized to merge the current and the new user data to keep existing custom indexes that you may have provided. I needed this, but you can leave it out though. Give the updated user data as a parameter to the method. Not in model find form. E.g.:

$data = array(
    'User' => array(
        'username' => 'bla',
        'passwort' => 'fu',
        'email' => 'hu@bar.com'
    )
);

// Wrong
$this->renewUserSession($data);

// Right
$this->renewUserSession($data['User']);

I solved this problem using afterSave function in User Model. It's working fine if we update user model from any area. My code was as below :

class User extends AppModel {
    ... ... ...
    public function afterSave($created, $options = array()){
        parent::afterSave($created,$options);

        //updating authentication session
        App::uses('CakeSession', 'Model/Datasource');
        CakeSession::write('Auth',$this->findById(AuthComponent::user('id')));

        return true;
    }
    ... ... ...
}

I think func0der's answer is good, but it may be improved:

protected function renewLogin() {
    if(!empty($this->Auth->user())) {
        $this->loadModel('User');
        $this->User->contain(false);
        $user = $this->User->read(null, $this->Auth->user('id'))['User'];
        unset($user['password']);
        $this->Auth->login($user);
    }
}

You can add this to your AppController.php and use it from any controller after modifying the logged in user.

I believe it's much cleaner and even though it implies access to the database, I think it's not going to be executed often enough to be an issue.

You should ALWAYS try to do things the "Cake" way. And avoid shortcuts like editing a session variable. It'll make things easier for you on the long run.

Please comment and add your opinions :)

I think that the simpler way to do this is:

$user = $this->Auth->user();
$user['attribute'] = $newValue;
$this->Auth->setUser($user);