class SessionsController < Devise::SessionsController
  prepend_before_filter :require_no_authentication, :only => [ :new, :create ]
  include Devise::Controllers::InternalHelpers


  # POST /resource/sign_in
  def create 
    login_password = params[:user][:password]
    login_uid = params[:user][:nccu_ldap_uid]
    result = false
    ldap = Net::LDAP.new
    ldap.port = '8001'
    ldap.host = '127.0.0.1'
    ldap_filter = "(uid=#{login_uid})"
    ldap_base = 'ou=People,dc=nccu,dc=edu,dc=tw'
    ldap.authenticate("cn=uccn,ou=profile,dc=nccu,dc=edu,dc=tw","nccu2ucc") 
    if ldap.bind
        result = ldap.bind_as(:base => ldap_base,:filter => ldap_filter,:password=> login_password)
        if result 
          resource =  User.find_or_initialize_by( nccu_ldap_uid: login_uid )          
           # resource = env['warden'].authenticate!(:check_nccu_ldap)
           # resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new")
           set_flash_message(:notice, :signed_in) if is_navigational_format?
           resource_name = resource._type.downcase
          sign_in(resource_name, resource)
          respond_with resource, :location => redirect_location(resource_name, resource)
        else
          flash[:notice] = t('devise.failure.ldap_invalid')
          render :action => "new" 
        end
      else
        flash[:notice] = t('devise.failure.ldap_connection_failed')
        render :action => "new"
      end
    end
  
end