# encoding: utf-8 class SessionsController < Devise::SessionsController prepend_before_filter :require_no_authentication, :only => [ :new, :create ] def create @site = Site.first private_key = OpenSSL::PKey::RSA.new(@site.private_key) wresult = private_key.private_decrypt(request.params['wresult']) @ids = wresult.split("@") login_uid = @ids[0] resource = User.first(conditions:{user_id: login_uid}) if !resource.blank? resource_name = resource.class.to_s.downcase sign_in(resource_name, resource) session[:user_id_type] = "myntumb" redirect_to after_sign_in_path_for(resource) else flash[:error] = "很抱歉,您無此權限或帳號登入本站,請洽本站管理員
Sorry, you don't have the account or authority to login. Please contact the website administrator." redirect_to :root end end def destroy @user_id_type = session[:user_id_type] sign_out if @user_id_type == "myntumb" redirect_to "https://adfs.ntu.edu.tw/adfs/ls/?wa=wsignout1.0&wreply=https://management.ntu.edu.tw" else redirect_to root_path end end end