evert0ns answer is right. But you should use AuthComponent::login(), because the data is saved within the AuthComponent as well and is not fetched from the session every time.

I had the problem just a couple of days ago.

// AppController.php
/**
 * Renews current user data, e.g. in case of an email address change while being logged in.
 *
 * @param array $newUserData
 * @return void
 */
    protected function renewUserSession($newUserData){
            if(!isset($newUserData) || empty($newUserData)){
                    return;
            }

            // We need to fetch the current user data so custom indexes are copied
            $currentUserData = $this->Auth->user();
            if(!isset($currentUserData) || empty($currentUserData)){
                    return;
            }

            // Merge old with new data
            $newUserData = array_merge($currentUserData, $newUserData);

            // Login with new data
            $this->Auth->login($newUserData);
    }

Source: my paste

Put this in your AppController. The method is specialized to merge the current and the new user data to keep existing custom indexes that you may have provided. I needed this, but you can leave it out though. Give the updated user data as a parameter to the method. Not in model find form. E.g.:

$data = array(
    'User' => array(
        'username' => 'bla',
        'passwort' => 'fu',
        'email' => 'hu@bar.com'
    )
);

// Wrong
$this->renewUserSession($data);

// Right
$this->renewUserSession($data['User']);

Write the updated data to the Session eg:

$this->Session->write('Auth.User', $data);

Before CakePHP 2.x you can't do this in the model without break the framework design.

With CakePHP 2.x you can load the Session Component from models and update it.

I think func0der's answer is good, but it may be improved:

protected function renewLogin() {
    if(!empty($this->Auth->user())) {
        $this->loadModel('User');
        $this->User->contain(false);
        $user = $this->User->read(null, $this->Auth->user('id'))['User'];
        unset($user['password']);
        $this->Auth->login($user);
    }
}

You can add this to your AppController.php and use it from any controller after modifying the logged in user.

I believe it's much cleaner and even though it implies access to the database, I think it's not going to be executed often enough to be an issue.

You should ALWAYS try to do things the "Cake" way. And avoid shortcuts like editing a session variable. It'll make things easier for you on the long run.

Please comment and add your opinions :)

I tried the following line. Its works well form me After modify the user data i written the following line

 $this->Session->write('Auth', $this->User->read(null, $this->Auth->User('id')));

I solved this problem using afterSave function in User Model. It's working fine if we update user model from any area. My code was as below :

class User extends AppModel {
    ... ... ...
    public function afterSave($created, $options = array()){
        parent::afterSave($created,$options);

        //updating authentication session
        App::uses('CakeSession', 'Model/Datasource');
        CakeSession::write('Auth',$this->findById(AuthComponent::user('id')));

        return true;
    }
    ... ... ...
}

I think that the simpler way to do this is:

$user = $this->Auth->user();
$user['attribute'] = $newValue;
$this->Auth->setUser($user);