67 lines
2.2 KiB
Ruby
67 lines
2.2 KiB
Ruby
module LdapLogin::Login
|
|
LDAP_ADSERVER=["ad.asia.edu.tw","ad2.asia.edu.tw","ad3.asia.edu.tw"]
|
|
def ldap_login_auth(user,request,session,flash,params)
|
|
LDAP_ADSERVER=["ad.asia.edu.tw","ad2.asia.edu.tw","ad3.asia.edu.tw"]
|
|
ldap_hosts = LDAP_ADSERVER.shuffle
|
|
error = ''
|
|
ldap_user = params[:user_name]
|
|
ldap_pass = params[:password]
|
|
login_flag = false
|
|
_session = {'ad' => []}
|
|
ldap_hosts.each do |ldap_host|
|
|
begin
|
|
ldap = Net::LDAP.new
|
|
ldap.host = ldap_host
|
|
ldap.port = 389
|
|
ldap.auth ldap_user, ldap_pass
|
|
if ldap.bind
|
|
puts ['ldap_user',ldap_user,'ldap_pass',ldap_pass]
|
|
if !user.nil?
|
|
filter = Net::LDAP::Filter.eq( "sAMAccountName", ldap_user )
|
|
treebase = "ou=Asia Univ,dc=asia,dc=edu,dc=tws"
|
|
puts "==LDAP SEARCH START=="
|
|
ldap.search( :base => treebase, :filter => filter, :return_result => false ) do |entry|
|
|
puts "DN: #{entry.dn}"
|
|
entry.each do |attribute, values|
|
|
puts " #{attribute}:"
|
|
values.each do |value|
|
|
puts " --->#{value}"
|
|
end
|
|
end
|
|
end
|
|
puts "==LDAP SEARCH END=="
|
|
session[:user_id] = user.id
|
|
session[:login_referer] = nil
|
|
if params[:referer_url]
|
|
url = URI.parse(params[:referer_url]).path
|
|
url_method = 'redirect_to'
|
|
else
|
|
url = admin_dashboards_path
|
|
url_method = 'redirect_to'
|
|
end
|
|
login_flag = true
|
|
else
|
|
error = t('devise.failure.ldap_pass_but_account_not_in_orbit')
|
|
end
|
|
else
|
|
error = '驗證失敗,您輸入的使用者名稱或密碼不正確!'
|
|
end
|
|
break
|
|
rescue => e
|
|
if !e.class==Net::LDAP::ConnectionError
|
|
error = '發生不可預知的錯誤'
|
|
puts ['ldap',error,e]
|
|
break
|
|
else
|
|
error = 'Could not connect to AD server.'
|
|
end
|
|
end
|
|
end
|
|
if !login_flag
|
|
flash.now.alert = error.html_safe
|
|
url = 'new'
|
|
url_method = 'render'
|
|
end
|
|
[login_flag,session,flash,url,url_method]
|
|
end
|
|
end |