module LdapLogin::Login
  ONLY_LDAP = true
  LDAP_ADSERVER="https://ap99.mdu.edu.tw/MduDB/api/Auth/token/1"
  AppKey = "OCz3t1nQWD"
  def ldap_login_auth(user,request,session,flash,params)
    error = ''
    ldap_user = params[:user_name]
    ldap_pass = params[:password]
    login_flag = false
    url = '/'
    url_method = 'redirect_to'

    uri = URI(LDAP_ADSERVER)
    req = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
    req.body = {AppKey: AppKey,username: ldap_user,password: ldap_pass}.to_json

    http = Net::HTTP.new(uri.host, uri.port)
    http.use_ssl = true
    http.verify_mode = OpenSSL::SSL::VERIFY_NONE
    http.read_timeout = 3
    res = http.request(req)
    
    if res.code == '200' && JSON.load(res.body)["userID"]==ldap_user
      if !user.nil?
        session[:user_id] = user.id
        session[:login_referer] = nil
        if params[:referer_url]
          url = URI.parse(params[:referer_url]).path
          url_method = 'redirect_to' 
        else
          url = admin_dashboards_path
          url_method = 'redirect_to'
        end
        login_flag = true
      else
        error = I18n.t('devise.failure.ldap_pass_but_account_not_in_orbit')
      end
    else
      error = '驗證失敗，您輸入的使用者名稱或密碼不正確!'
    end

    if !login_flag
      flash.now.alert = error.html_safe
      url = 'new'
      url_method = 'render'
    end
    [login_flag,session,flash,url,url_method]
  end
end