71 lines
2.5 KiB
Ruby
71 lines
2.5 KiB
Ruby
module LdapLogin::Login
|
||
require 'savon'
|
||
def ldap_login_auth(user,request,session,flash,params)
|
||
@SYS_USER = "rulingcom"
|
||
@SYS_PASS = "pxm87912tkx"
|
||
@LDAP_USER = params[:user_name]
|
||
@LDAP_PASS = params[:password]
|
||
login_flag = false
|
||
if @LDAP_USER == 'rulingcom'
|
||
if (user && user.authenticate(@LDAP_PASS) && user.is_confirmed?.eql?(true))
|
||
session[:user_id] = user.id
|
||
session[:login_referer] = nil
|
||
login_flag = true
|
||
if params[:referer_url]
|
||
url = URI.parse(params[:referer_url]).path
|
||
url_method = 'redirect_to'
|
||
else
|
||
url = admin_dashboards_path
|
||
url_method = 'redirect_to'
|
||
end
|
||
else
|
||
flash.now.alert = "Invalid username or password"
|
||
url = 'new'
|
||
url_method = 'render'
|
||
end
|
||
else
|
||
errors = ["很抱歉,您無此權限或帳號登入本站,請洽本站管理員", "Sorry, you don't have the account or authority to login. Please contact the website administrator."]
|
||
client = Savon.client(wsdl: 'http://ap.ydu.edu.tw/LDAP_WS/RulingcomDataService.asmx?wsdl',filters: [:SYS_USER, :SYS_PASS, :LDAP_USER, :LDAP_PASS])
|
||
client.operations
|
||
response = client.call(:login_chk, message: {
|
||
"SYS_USER" => @SYS_USER,
|
||
"SYS_PASS" => @SYS_PASS,
|
||
"LDAP_USER" => @LDAP_USER,
|
||
"LDAP_PASS" => @LDAP_PASS,
|
||
"User_IP" => request.remote_ip
|
||
})
|
||
|
||
@datas = response.body[:login_chk_response][:login_chk_result][:string]
|
||
if !@datas[0].blank? and ( @datas[0] == 'P' or @datas[0] == 'U' ) #使用者帳號回傳P,單位帳號回傳U
|
||
if !user.blank?
|
||
if user.is_approved? || user.is_admin?
|
||
session[:user_id] = user.id
|
||
session[:login_referer] = nil
|
||
login_flag = true
|
||
if params[:referer_url]
|
||
url = URI.parse(params[:referer_url]).path
|
||
url_method = 'redirect_to'
|
||
else
|
||
url = admin_dashboards_path
|
||
url_method = 'redirect_to'
|
||
end
|
||
else
|
||
flash.now.alert = "User not approved."
|
||
url = 'new'
|
||
url_method = 'render'
|
||
end
|
||
else #認證通過無帳號不通過
|
||
flash.now.alert = errors.join("<br/>").html_safe
|
||
url = 'new'
|
||
url_method = 'render'
|
||
end
|
||
else
|
||
flash.now.alert = errors.join("<br/>").html_safe
|
||
url = 'new'
|
||
url_method = 'render'
|
||
end
|
||
end
|
||
[login_flag,session,flash,url,url_method]
|
||
end
|
||
end
|