orbit4-5/app/controllers/sessions_controller.rb


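# Handles sign-in and sign-out for the admin area.
#
# Two authentication paths exist in #create:
#   * the built-in 'rulingcom' account is checked against the local User
#     record's password;
#   * every other user name is checked through a remote SOAP service
#     (operation :login_chk) and must also have a local User record.
class SessionsController < ApplicationController
  layout "authentication"
  require 'savon'

  # Renders the login form; a visitor who already has a session is sent to
  # the admin dashboard instead.
  def new
    redirect_to admin_dashboards_path if session[:user_id]
  end

  # Authenticates the submitted user name / password and, on success, stores
  # the user id in the session and redirects to a local path.
  #
  # Reads params[:user_name], params[:password] and params[:referer_url].
  def create
    # FIXME(security): service credentials are committed in source. Anyone
    # with read access to the repository can use them; move them to the
    # deployment's secret configuration and rotate the password.
    @SYS_USER = "rulingcom"
    @SYS_PASS = "pxm87912tkx"
    @LDAP_USER = params[:user_name]
    @LDAP_PASS = params[:password]

    if @LDAP_USER == 'rulingcom'
      # Local account: verified against the password stored on the User record.
      # `rescue nil` is kept from the original; presumably find_by can raise
      # when no record matches -- confirm against the ORM configuration.
      user = User.find_by(user_name: @LDAP_USER) rescue nil
      if user && user.authenticate(@LDAP_PASS) && user.is_confirmed?.eql?(true)
        establish_session_for(user)
      else
        flash.now.alert = "Invalid username or password"
        render "new"
      end
    else
      errors = ["很抱歉,您無此權限或帳號登入本站,請洽本站管理員", "Sorry, you don't have the account or authority to login. Please contact the website administrator."]

      # NOTE(security): the WSDL URL is plain http://, so the SOAP request that
      # carries SYS_PASS and the user's LDAP password is presumably sent
      # unencrypted unless the WSDL advertises an https endpoint. Switch to
      # https once the service supports it.
      # `filters` masks the listed fields in Savon's own log output.
      client = Savon.client(wsdl: 'http://ap.ydu.edu.tw/LDAP_WS/RulingcomDataService.asmx?wsdl',filters: [:SYS_USER, :SYS_PASS, :LDAP_USER, :LDAP_PASS])
      client.operations
      response = client.call(:login_chk, message: {
        "SYS_USER" => @SYS_USER,
        "SYS_PASS" => @SYS_PASS,
        "LDAP_USER" => @LDAP_USER,
        "LDAP_PASS" => @LDAP_PASS,
        "User_IP" => request.remote_ip
      })

      # Walk the response defensively: a reply without the expected nesting
      # must end in a denied login, not a NoMethodError (HTTP 500).
      chk_response = (response.body || {})[:login_chk_response] || {}
      chk_result = chk_response[:login_chk_result] || {}
      @datas = chk_result[:string]
      status = @datas.blank? ? nil : @datas[0]

      # The service returns 'P' for a user account and 'U' for a unit account;
      # anything else is treated as a failed login.
      user = nil
      if %w[P U].include?(status)
        user = User.find_by(user_name: @LDAP_USER) rescue nil
      end

      if user.present?
        establish_session_for(user)
      else
        # Reached when the remote check fails, or when it passes but no local
        # account exists. html_safe is applied only to the two static strings
        # above; no request data is interpolated into the alert.
        flash.now.alert = errors.join("<br/>").html_safe
        render "new"
      end
    end
  end

  # Signs the current user out and returns to the site root.
  def destroy
    log_user_action
    # NOTE(review): only :user_id is cleared; reset_session would also drop
    # every other value tied to the old session. Confirm nothing relies on
    # session data surviving logout before switching.
    session[:user_id] = nil
    redirect_to root_url
  end

  private

  # Final step shared by both authentication paths: an authenticated user is
  # signed in only if approved or an admin; otherwise the form is re-rendered.
  def establish_session_for(user)
    if user.is_approved? || user.is_admin?
      # NOTE(review): the session id is not rotated on login. Calling
      # reset_session before this assignment would close session fixation;
      # it is not done here because other session keys may be relied upon
      # elsewhere in the application -- confirm and add it.
      session[:user_id] = user.id
      session[:login_referer] = nil
      redirect_to(local_referer_path || admin_dashboards_path)
    else
      flash.now.alert = "User not approved."
      render "new"
    end
  end

  # Returns the path component of params[:referer_url] when it is a safe,
  # site-local path, otherwise nil.
  #
  # Taking URI#path alone is not enough: a value such as
  # "http://host//other.example/" has the path "//other.example/", which a
  # browser treats as a protocol-relative URL to another host. Paths that do
  # not start with exactly one "/" are therefore rejected, as are values that
  # fail to parse or are not plain strings.
  def local_referer_path
    raw = params[:referer_url]
    return nil unless raw.is_a?(String) && !raw.blank?

    path = URI.parse(raw).path
    return nil unless path.is_a?(String) && path.start_with?("/")
    return nil if path.start_with?("//", "/\\")

    path
  rescue URI::InvalidURIError
    nil
  end
end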