class SessionsController < ApplicationController
  layout "authentication"
  def new
    if session[:user_id]
      redirect_to admin_dashboards_path
    end
  end

  def create 
    login_password = params[:password]
    login_uid = params[:user_name]
    result = false
    ldap_filter = "(uid=#{login_uid})"

    if login_uid != 'rulingcom'

      NccuLdapConnection.establish

      if ($nccu_ldap_connection.bind rescue false)
          
          logger.info "=LDAP Binded password ok..."

          result = check_auth_with_ldap(login_uid,login_password) 

          resource = User.find_by(user_name: params[:user_name]) rescue nil
          
          if result && login_password!=''
            
            logger.info "==LDAP  password passed..."
            # set_flash_message(:notice, :signed_in) if is_navigational_format?

            if (resource.nil?)
              logger.error "===LDAP passed local block... resource:#{resource.inspect}\n login_uid:#{login_uid}"
              flash.now.alert = t('devise.failure.ldap_pass_but_account_not_in_orbit')
              render "new"
            else
              logger.info "===ALL passed"
              session[:user_id] = resource.id
              session[:login_referer] = nil
              if params[:referer_url]
                redirect_to URI.parse(params[:referer_url]).path
              else
                redirect_to admin_dashboards_path
              end
            end

          elsif !resource.nil?

            if (resource.authenticate(login_password) && resource.is_confirmed?.eql?(true))
                session[:user_id] = resource.id
                session[:login_referer] = nil
                if params[:referer_url]
                  redirect_to URI.parse(params[:referer_url]).path
                else
                  redirect_to admin_dashboards_path
                end
            else
              flash.now.alert = t('devise.failure.invalid')
              render "new"
            end
            
          else

            logger.error "==password LDAP fail..."
            flash.now.alert = t('devise.failure.ldap_invalid')
            render "new"

          end

      else

        logger.error "=LDAP fail..."
        flash.now.alert = t('devise.failure.ldap_connection_failed')
        render "new"

      end

    else #if rulingcom account
      logger.info "=======Rulingcom account======"

      user = User.find_by(user_name: login_uid) rescue nil
      if (user && user.authenticate(login_password) && user.is_confirmed?.eql?(true))
        session[:user_id] = user.id
        session[:login_referer] = nil
        if params[:referer_url]
          redirect_to URI.parse(params[:referer_url]).path
        else
          redirect_to admin_dashboards_path
        end
      else
        flash.now.alert = t('devise.failure.invalid')
        render "new"
      end

    end

    logger.info "=======End Debugging======"

  end

  def destroy
    log_user_action
    session[:user_id] = nil
    redirect_to root_url
  end

  private  

  def check_auth_with_ldap(login_uid,login_password)
    ldap_filter = "(uid=#{login_uid})"
    $nccu_ldap_connection.bind_as(:base => NccuLdapConnection::BASE,:filter => ldap_filter,:password=> login_password) rescue false
  end

end