From 09e0d5bd925a81644a4e6ea89b84d2b763c4c6b7 Mon Sep 17 00:00:00 2001
From: Spen <spen821@gmail.com>
Date: Thu, 26 Sep 2013 15:23:03 +0800
Subject: [PATCH]  sso  for  ntu mb all sites

---
 app/assets/stylesheets/basic/global.css       | 187 +++++++++++++++---
 .../stylesheets/basic/orbit_bar.css.erb       |  77 ++++++--
 app/controllers/sessions_controller.rb        |  40 ++++
 app/views/devise/sessions/new.html.erb        |  92 ++++++---
 app/views/layouts/_right_menu.html.erb        |   5 +
 app/views/layouts/devise.html.erb             |   5 +-
 config/routes.rb                              |   8 +
 7 files changed, 341 insertions(+), 73 deletions(-)
 create mode 100644 app/controllers/sessions_controller.rb

diff --git a/app/assets/stylesheets/basic/global.css b/app/assets/stylesheets/basic/global.css
index 61728dc52..e2627adad 100644
--- a/app/assets/stylesheets/basic/global.css
+++ b/app/assets/stylesheets/basic/global.css
@@ -83,6 +83,7 @@ legend {
   min-width: 61px;
   z-index: 1030;
   position: fixed;
+  padding-top: 40px;
   background-color: #171717;
   -webkit-box-shadow: inset -1px 0px 10px #000000;
      -moz-box-shadow: inset -1px 0px 10px #000000;
@@ -91,12 +92,14 @@ legend {
 }
 #sidebar #sidebar-menu {
   position: absolute;
-  top: 88px;
+  top: 85px;
   bottom: 0;
-  z-index: 1;
+  z-index: 0;
   display: block;
   width: 61px;
-  /*overflow: auto;*/
+}
+#sidebar #sidebar-menu.nano {
+  top: 0;
 }
 #sidebar .scroller {
   position: absolute;
@@ -120,16 +123,12 @@ legend {
   list-style: none;
 }
 #sidebar > h2.position {
-  top: 40px;
   margin: 0;
   width: 61px;
   color: #FFFFFF;
   font-weight: normal;
-  font-size: 2.4em;
-  line-height: 47px;
-  line-height: 46px\9;
   text-align: center;
-  position: absolute;
+  position: relative;
   background-color: #08c;
   background-image: -moz-linear-gradient(top, #08c, #006091);
   background-image: -ms-linear-gradient(top, #08c, #006091);
@@ -158,24 +157,20 @@ legend {
 }
 #sidebar > h2.position a {
   color: #FFFFFF;
-  padding: 6px 6px 5px;
   text-decoration: none;
+  display: inline-block;
   -webkit-text-shadow: 0px -1px 0px #333333;
      -moz-text-shadow: 0px -1px 0px #333333;
        -o-text-shadow: 0px -1px 0px #333333;
           text-shadow: 0px -1px 0px #333333;
 }
+#sidebar > h2.position a i {
+  line-height: 45px;
+}
 #sidebar .sidebar-nav > li {
   min-width: 61px;
-  height: 45px;
 }
-#sidebar .sidebar-nav > li.active {
-  font-size: 1.2em;
-}
-#sidebar .sidebar-nav > li.active .sub-nav-block {
-  display: block;
-}
-#sidebar .sidebar-nav > li.active > a > span {
+#sidebar .sidebar-nav > li.active span {
   color: #FFFFFF;
   cursor: pointer;
   -webkit-text-shadow: 0px -1px 0px #636363;
@@ -183,8 +178,7 @@ legend {
        -o-text-shadow: 0px -1px 0px #636363;
           text-shadow: 0px -1px 0px #636363;
 }
-#sidebar .sidebar-nav > li > a > span {
-  padding: 10px;
+#sidebar .sidebar-nav > li span {
   color: #B0B0B0;
   display: block;
   -webkit-text-shadow: 0px 1px 0px #000000;
@@ -192,8 +186,15 @@ legend {
        -o-text-shadow: 0px 1px 0px #000000;
           text-shadow: 0px 1px 0px #000000;
 }
-#sidebar .sidebar-nav > li > a > span > i {
-  font-size: 1.7em;
+#sidebar .sidebar-nav > li a {
+  display: block;
+}
+#sidebar .sidebar-nav > li i {
+  font-size: 1.6em;
+  line-height: 60px;
+}
+#sidebar .sidebar-nav > li.active i {
+  font-size: 2.2em;
 }
 #sidebar .sub-nav-block-list {
   top: 40px;
@@ -274,7 +275,7 @@ legend {
 }
 #sidebar .sub-nav-arrow {
   left: 53px;
-  top: -10px;
+  top: -16px;
   width: 0px;
   height: 0px;
   z-index: -1;
@@ -282,7 +283,6 @@ legend {
   border-style: solid;
   border-width: 8px 8px 8px 0;
   border-color: transparent #0088CC transparent transparent;
-  display: none\9; /* 用IE的去死 */
 }
 
 
@@ -300,14 +300,15 @@ legend {
   position: absolute;
   z-index: 100;
   width: 100%;
-  border-radius: 1px;
-  background-color: rgba(0, 136, 204, .3);
+  border-radius: 50%/1px;
+  background-color: rgba(0, 136, 204, .6);
 }
 
 
 /* Main Wrap */
 #main-wrap {
   padding-top: 40px;
+  position: relative;
 }
 #main-wrap .wrap-inner {
   padding: 60px 20px 20px;
@@ -419,6 +420,7 @@ legend {
 /* Search Clear */
 .searchClear {
   position: relative;
+  display: inline-block;
 }
 .searchClear .icon-search {
   position: absolute;
@@ -520,10 +522,9 @@ legend {
   padding: 0px 5px;
   position: absolute;
   z-index: 9999;
-  max-width: 500px;
+  max-width: 300px;
   border-radius: 3px;
   background-color: #0088CC;
-  white-space: nowrap;
 }
 #sideset .ui-tooltip.sidebar-tooltip:after {
   display: none;
@@ -533,10 +534,9 @@ legend {
   padding: 0px 5px;
   position: absolute;
   z-index: 9999;
-  max-width: 500px;
+  max-width: 300px;
   border-radius: 3px;
   background-color: #000000;
-  white-space: nowrap;
 }
 .ui-tooltip:after {
   content: '';
@@ -551,6 +551,135 @@ legend {
   border-color: #000000 transparent transparent transparent;
 }
 
+/* Sign In */
+#sign-in {
+  background-color: #F3F3F3;
+  background-repeat: no-repeat;
+  background : -webkit-radial-gradient(center center,circle cover, #F3F3F3 10%, #DBDBDB 100%);
+  background : -moz-radial-gradient(center center,circle cover, #F3F3F3 10%, #DBDBDB 100%);
+  background : -o-radial-gradient(center center,circle cover, #F3F3F3 10%, #DBDBDB 100%);
+  background : -ms-radial-gradient(center center,circle cover, #F3F3F3 10%, #DBDBDB 100%); 
+  background : -radial-gradient(center center,circle cover, #F3F3F3 10%, #DBDBDB 100%);
+}
+.sign-in {
+  text-align: center;
+  position: relative;
+  width: 300px;
+  margin: 150px auto 0;
+}
+.sign-in .other-sign-in {
+  display: none;
+}
+.sign-in .login-logo {
+  margin: 0;
+  padding-bottom: 15px;
+  border-bottom: 1px solid #ededed;
+}
+.sign-in .alert {
+  box-shadow: 0 3px 10px #CBCBCB;
+  text-align: left;
+}
+.sign-in .form {
+  background-color: #FFF;
+  box-shadow: 0 10px 20px #CBCBCB;
+  padding: 15px;
+  margin-bottom: 20px;
+}
+.sign-in .form-block {
+  overflow: hidden;
+}
+.sign-in .form-list {
+  width: 555px;
+}
+.sign-in .content {
+  float: left;
+  margin-bottom: 0;
+  position: relative;
+}
+.sign-in .content + .content {
+  margin-left: 15px;
+}
+.sign-in .control-group {
+  position: relative;
+  width: 270px;
+  margin: 0;
+}
+.sign-in .control-group label {
+  position: absolute;
+  top: 0;
+  left: 0;
+  width: 39px;
+  height: 40px;
+  line-height: 40px;
+  margin: 0;
+  color: #5C5C5C;
+}
+.sign-in .control-group input {
+  width: 222px;
+  height: 30px;
+  padding: 4px 6px 4px 40px;
+  margin-bottom: 25px;
+}
+.sign-in .btn {
+  display: block;
+  padding: 4px 0;
+  width: 100%;
+  margin-bottom: 10px;
+}
+.sign-in .other-sign-in {
+  position: relative;
+  margin-top: 20px;
+  margin-bottom: 30px;
+  padding-bottom: 20px;
+  border-bottom: 1px solid #ededed;
+}
+.sign-in .other-sign-in p {
+  position: absolute;
+  width: 30px;
+  height: 30px;
+  background-color: #FFF;
+  padding: 0 10px;
+  margin-bottom: 0;
+  margin-left: -25px;
+  line-height: 30px;
+  left: 50%;
+  bottom: -15px;
+  font-size: 1.3em;
+  color: #b1b1b1;
+}
+.sign-in .checkbox {
+  position: absolute;
+  text-align: left;
+  bottom: 47px;
+}
+.sign-in .switchboard {
+  color: #08C;
+  cursor: pointer;
+}
+.sign-in .switchboard span,
+.sign-in .switchboard.active i {
+  display: inline;
+}
+.sign-in .switchboard.active span,
+.sign-in .switchboard i {
+  display: none;
+}
+.register {
+  box-shadow: inset 0 5px 5px #E0E0E0;
+  background-color: #eee;
+  padding: 15px;
+  margin: 15px -15px -15px;
+}
+.register .btn {
+  margin: 0;
+}
+.have-other-sign-in {
+  margin: 80px auto 0;
+}
+.have-other-sign-in .other-sign-in {
+  display: block;
+}
+
 /* IE go die */
 :root #sidebar .sub-nav-block:before {
   display: block\9;
diff --git a/app/assets/stylesheets/basic/orbit_bar.css.erb b/app/assets/stylesheets/basic/orbit_bar.css.erb
index c381c4dd1..72b6c6eb1 100644
--- a/app/assets/stylesheets/basic/orbit_bar.css.erb
+++ b/app/assets/stylesheets/basic/orbit_bar.css.erb
@@ -2,16 +2,17 @@
 	top: 0px;
 	left: -10px;
 	right: -10px;
-	height: 40px;
 	z-index: 1041;
 	position: fixed;
 	margin-bottom: 0;
+	height: 40px;
 }
 #orbit-bar .orbitlogo {
-	width: 20px;
-	height: 20px;
+	width: 50px;
+	height: 40px;
+	padding: 0!important;
 	background-size: 70%;
-	display: inline-block;
+	display: block;
 	background-position: center;
 	background-repeat: no-repeat;
 	background-image: url(<%= asset_path 'orbit-logo.svg' %>);
@@ -19,8 +20,23 @@
 	/* For Suck IE */
 	background-image: url(<%= asset_path 'orbit-logo.png' %>)\9;
 }
+#orbit-bar .dropdown-menu li > a {
+	padding: 0 20px;
+	display: block;
+	height: 30px;
+	line-height: 30px;
+}
+#orbit-bar .dropdown-menu li i {
+	float: left;
+	display: inline-block;
+	margin-right: 5px;
+	line-height: 30px;
+	height: 100%;
+}
 #orbit-bar.navbar .nav > li > a {
 	color: #EEE;
+	padding: 0 15px;
+	display: block;
 	text-shadow: 0 -1px 0 #000;
 	border-right: 1px solid #363636;
 	box-shadow: 1px 0px 0px rgba(0, 0, 0, 0.3);
@@ -34,6 +50,11 @@
 	background-color: #0095CF;
 	text-shadow: 0 -1px 0 #014380;
 }
+#orbit-bar.navbar .nav > li > a > [class^="icon"],
+#orbit-bar.navbar .nav > li > a > [class*=" icon"] {
+	line-height: 40px;
+	display: block;
+}
 #orbit-bar.navbar .nav li.dropdown.open > .dropdown-toggle,
 #orbit-bar.navbar .nav li.dropdown.active > .dropdown-toggle,
 #orbit-bar.navbar .nav li.dropdown.open.active > .dropdown-toggle {
@@ -41,9 +62,7 @@
 	text-shadow: 0 -1px 0 #014380;
 }
 #orbit-bar .navbar-inner {
-	height: 40px;
 	border-width: 0;
-	min-height: 40px;
 	background-color: #333333;
 	-webkit-border-radius: 0px;
 	   -moz-border-radius: 0px;
@@ -66,6 +85,10 @@
 	right: auto;
 	bottom: auto;
 }
+#orbit-bar .nav > li {
+	display: block;
+	line-height: 40px;
+}
 #orbit-bar .nav [class^="icon"],
 #orbit-bar .nav [class*=" icon"] {
 	font-size: 1.5em;
@@ -92,17 +115,45 @@
 #orbit-bar .modal .input-prepend {
 	margin-bottom: 15px;
 }
+#orbit-bar .modal .other-sign-in {
+	position: relative;
+	text-align: center;
+	margin-top: 20px;
+	margin-bottom: 30px;
+	padding-bottom: 20px;
+	border-bottom: 1px solid #EDEDED;
+}
+#orbit-bar .modal .other-sign-in .btn {
+	padding: 4px 0;
+	display: block;
+	margin-bottom: 5px;
+	width: 100%;
+}
+#orbit-bar .modal .other-sign-in p {
+	position: absolute;
+	width: 30px;
+	height: 30px;
+	background-color: #FFF;
+	padding: 0 10px;
+	margin-bottom: 0;
+	margin-left: -25px;
+	line-height: 30px;
+	left: 50%;
+	bottom: -15px;
+	font-size: 1.3em;
+	color: #B1B1B1;
+}
 
 /*Search*/
 #orbit-bar #search {
 	margin-bottom: 0;
 	position: relative;
-	padding: 8px 10px 0;
+	padding: 0 10px;
 	border-right: 1px solid #363636;
 	box-shadow: 1px 0px 0px rgba(0, 0, 0, 0.3);
 }
 #orbit-bar #search form {
-	margin-bottom: 8px;
+	margin: 8px 0;
 }
 #orbit-bar #search input[type="text"] {
 	height: 14px;
@@ -110,6 +161,7 @@
 	font-size: 13px;
 	padding-left: 25px;
 	padding-right: 25px;
+	display: block;
 	-webkit-border-radius: 12px;
 	   -moz-border-radius: 12px;
 	     -o-border-radius: 12px;
@@ -122,15 +174,16 @@
 #orbit-bar #search .search-clear {
 	position: absolute;
 	color: #A3A3A3;
-	top: 14px;
+	top: 16px;
 }
 #orbit-bar #search .icon-search {
-	left: 13px;
-	top: 15px;
+	left: 15px;
 	font-size: 1.2em;
+	width: 1.25em;
+	margin-top: 0;
 }
 #orbit-bar #search .search-clear {
-	right: 14px;
+	right: 13px;
 	font-size: 1.3em;
 }
 #orbit-bar #search .search-clear:hover {
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
new file mode 100644
index 000000000..3e5a5ed33
--- /dev/null
+++ b/app/controllers/sessions_controller.rb
@@ -0,0 +1,40 @@
+# encoding: utf-8
+
+class SessionsController < Devise::SessionsController
+	prepend_before_filter :require_no_authentication, :only => [ :new, :create ]
+
+
+  def create 
+	  @site = Site.first
+
+      private_key = OpenSSL::PKey::RSA.new(@site.private_key)
+      wresult = private_key.private_decrypt(request.params['wresult'])
+
+  	  @ids = wresult.split("@")
+
+      login_uid = @ids[0]
+
+  	  resource = User.first(conditions:{user_id: login_uid})
+
+	  if !resource.blank?
+	     resource_name = resource.class.to_s.downcase
+	     sign_in(resource_name, resource)
+	     session[:user_id_type] = "myntumb"
+	     redirect_to after_sign_in_path_for(resource)
+	  else
+	     flash[:error] = "很抱歉,您無此權限或帳號登入本站,請洽本站管理員<br />Sorry, you don't have the account or authority to login. Please contact the website administrator."
+	     redirect_to :root
+	  end
+  end
+
+  def destroy
+  	@user_id_type = session[:user_id_type]
+    sign_out
+    if @user_id_type == "myntumb"
+      redirect_to "https://adfs.ntu.edu.tw/adfs/ls/?wa=wsignout1.0&wreply=https://management.ntu.edu.tw"
+    else
+      redirect_to root_path
+    end
+  end
+
+end
\ No newline at end of file
diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb
index 71bd12f46..66adbf3b2 100644
--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@@ -1,30 +1,62 @@
-<h1 class="login-logo"><%= t(:ruling_site) %></h1>
-<div id="signin-header">
-	<h3><%= t(:login) %></h3>
-</div>
-<div id="container" class="sign-in">
-	<%= form_for resource, :as => resource_name, :url => session_path(resource_name), :html => {:class => 'user_new form-horizontal'} do |f| %>
-		<div class="content">
-			 <% flash.each do |key, msg| %>
-		    <%= content_tag :span, msg, :class => [key, "notice label label-warning"] %>
-		  <% end %>
-			<p class="alert hide">You need to sign in or sign up before continuing.</p>
-			<div class="main">
-				<div class="control-group clear">
-					<%= f.label :user_id ,t("users.user_id")%>
-					<%= f.text_field :user_id, :placeholder => t("users.user_id"), :style => "width: 330px;" %>
-					<span class="help-inline">Please correct the error</span>
-				</div>
-				<div class="control-group clear">
-					<%= f.label :password,t("password") %>
-					<%= f.password_field :password, :placeholder => t(:dots), :style => "width: 330px;" %>
-					<span class="help-inline">Please correct the error</span>
-					<%= link_to t(:forgot_password), new_user_password_path, :class => 'pull-right forgot hide' %>
-				</div>
-			</div>
-		</div>
-		<div class="form-actions clear">
-			<%= content_tag :button, t(:login), :type => :submit, :class => 'btn btn-primary pull-right' %>
-		</div>
-	<% end %>
-</div>
+
+
+      <div class="sign-in have-other-sign-in">
+
+		<% flash.each do |key, msg| %>
+			<%= content_tag :p, msg, :class => [key, "alert alert-error"] %>
+		<% end %>
+
+        
+        <div class="form">
+          <h3 class="login-logo"><%= t(:login) %></h3>
+          <div class="other-sign-in">
+            <% @request_hosts = request.host_with_port.split(".") %>
+              <a class="btn btn-primary" type="submit" href="https://adfs.ntu.edu.tw/adfs/ls/?wa=wsignin1.0&wtrealm=https://management.ntu.edu.tw/saml_login&wctx=<%= @request_hosts[0] %>">使用計中帳號登入</a>
+            <p>or</p>
+          </div>
+          <div class="form-block">
+            <div class="form-list clearfix">
+              <%= form_for resource, :as => resource_name, :url => session_path(resource_name), :html => {:class => 'content'} do |f| %>
+                <div class="control-group clear">
+                  <label for="user_email">
+                    <i class="icon-user"></i>
+                  </label>
+				  <%= f.text_field :user_id, :placeholder => t("users.user_id") %>
+                </div>
+                <div class="control-group clear">
+                  <label for="user_password">
+                    <i class="icon-lock"></i>
+                  </label>
+                  <%= f.password_field :password, :placeholder => t(:dots) %>
+                </div>
+                <!-- <label class="checkbox">
+                  <input type="checkbox" value="">
+                  <small>Remember me</small>
+                </label> -->
+                <%= content_tag :button, t(:login), :type => :submit, :class => 'btn btn-primary' %>
+              <% end %>
+
+              <!-- <form class="content" accept-charset="UTF-8" action="/users/sign_in" method="post">
+                <div class="control-group clear">
+                  <label for="user_email">
+                    <i class="icon-user"></i>
+                  </label>
+                  <input type="text" id="user_id" name="user[id]" placeholder="帳號" />
+                </div>
+                <div class="control-group clear">
+                  <label for="user_password">
+                    <i class="icons-mail"></i>
+                  </label>
+                  <input type="text" id="user_email" name="user[email]" placeholder="電子郵件" />
+                </div>
+                <button class="btn btn-primary" type="submit">Submit</button>
+              </form> -->
+            </div>
+            <!-- <div class="switchboard"><span>Forgot Password ?</span> <i class="icons-arrow-left-2"></i></div> -->
+          </div>
+          <!-- <div class="register">
+            <button class="btn btn-inverse" type="submit">Register</button>
+          </div> -->
+
+        </div>
+      </div>
\ No newline at end of file
diff --git a/app/views/layouts/_right_menu.html.erb b/app/views/layouts/_right_menu.html.erb
index fba8d449d..6c38736a4 100644
--- a/app/views/layouts/_right_menu.html.erb
+++ b/app/views/layouts/_right_menu.html.erb
@@ -53,6 +53,11 @@
           </div>
           <div class="modal-body">
             <%= form_for :user, url: user_session_path, html: {class: 'container'} do |f| %>
+              <div class="other-sign-in">
+                <% @request_hosts = request.host_with_port.split(".") %>
+                <a class="btn btn-primary" type="submit" href="https://adfs.ntu.edu.tw/adfs/ls/?wa=wsignin1.0&wtrealm=https://management.ntu.edu.tw/saml_login&wctx=<%= @request_hosts[0] %>">使用計中帳號登入</a>
+                <p>or</p>
+              </div>
               <div class="input-prepend">
                 <span class="add-on">
                   <i class="icon-user"></i>
diff --git a/app/views/layouts/devise.html.erb b/app/views/layouts/devise.html.erb
index d1a3512c9..adbb1c409 100644
--- a/app/views/layouts/devise.html.erb
+++ b/app/views/layouts/devise.html.erb
@@ -13,8 +13,9 @@
 <body>
 	<%= render 'layouts/orbit_bar' %>
 	<%= yield %>
-	<div id="sign-footer">
+	<!--<div id="sign-footer">
       <p>Rulingcom</p>
-  </div>
+    </div>
+    -->
 </body>
 </html>
diff --git a/config/routes.rb b/config/routes.rb
index c244fb26e..863ed9888 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -9,6 +9,14 @@ Orbit::Application.routes.draw do
     match "/users_passwd" => "desktop/registrations#update", :as => :users_passwd, :via => :put
   end
 
+  devise_scope :user do
+    get 'user_login' => 'sessions#create'
+    match 'user_logout' => 'sessions#destroy'
+  end
+
+  match "saml_login" => 'saml_logins#index'
+
+
   mount Resque::Server, :at => "/admin/resque"
   mount Rack::GridFS::Endpoint.new(:db => Mongoid.database,:lookup=>:path), :at => "gridfs"