class SessionsController < ApplicationController layout "authentication" require 'savon' def new if session[:user_id] redirect_to admin_dashboards_path end end def create @SYS_USER = "rulingcom" @SYS_PASS = "pxm87912tkx" @LDAP_USER = params[:user_name] @LDAP_PASS = params[:password] if @LDAP_USER == 'rulingcom' user = User.find_by(user_name: @LDAP_USER) rescue nil if (user && user.authenticate(@LDAP_PASS) && user.is_confirmed?.eql?(true)) if user.is_approved? || user.is_admin? session[:user_id] = user.id session[:login_referer] = nil if params[:referer_url] redirect_to URI.parse(params[:referer_url]).path else redirect_to admin_dashboards_path end else flash.now.alert = "User not approved." render "new" end else flash.now.alert = "Invalid username or password" render "new" end else errors = ["很抱歉,您無此權限或帳號登入本站,請洽本站管理員", "Sorry, you don't have the account or authority to login. Please contact the website administrator."] client = Savon.client(wsdl: 'http://ap.ydu.edu.tw/LDAP_WS/RulingcomDataService.asmx?wsdl',filters: [:SYS_USER, :SYS_PASS, :LDAP_USER, :LDAP_PASS]) client.operations response = client.call(:login_chk, message: { "SYS_USER" => @SYS_USER, "SYS_PASS" => @SYS_PASS, "LDAP_USER" => @LDAP_USER, "LDAP_PASS" => @LDAP_PASS, "User_IP" => request.remote_ip }) @datas = response.body[:login_chk_response][:login_chk_result][:string] if !@datas[0].blank? and ( @datas[0] == 'P' or @datas[0] == 'U' ) #使用者帳號回傳P，單位帳號回傳U user = User.find_by(user_name: @LDAP_USER) rescue nil if !user.blank? if user.is_approved? || user.is_admin? session[:user_id] = user.id session[:login_referer] = nil if params[:referer_url] redirect_to URI.parse(params[:referer_url]).path else redirect_to admin_dashboards_path end else flash.now.alert = "User not approved." render "new" end else #認證通過無帳號不通過 flash.now.alert = errors.join("
").html_safe render "new" end else flash.now.alert = errors.join("
").html_safe render "new" end end end def destroy log_user_action session[:user_id] = nil redirect_to root_url end end