From 51efaa6d6b4c203a3ad812161344ad1613aaf925 Mon Sep 17 00:00:00 2001 From: Spen Date: Thu, 22 Aug 2013 14:04:07 +0800 Subject: [PATCH] YDU ldap login --- Gemfile | 2 + app/controllers/sessions_controller.rb | 111 +++++++++++++++++++++++++ config/routes.rb | 1 + 3 files changed, 114 insertions(+) create mode 100644 app/controllers/sessions_controller.rb diff --git a/Gemfile b/Gemfile index 16c820c9a..b5b5a9912 100644 --- a/Gemfile +++ b/Gemfile @@ -1,6 +1,8 @@ source 'http://rubygems.org' gem 'rails', "~> 3.2.9" +gem 'savon', '~> 2.2.0' + gem "brakeman" gem 'mime-types' diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb new file mode 100644 index 000000000..378201947 --- /dev/null +++ b/app/controllers/sessions_controller.rb @@ -0,0 +1,111 @@ +# encoding: utf-8 + +class SessionsController < Devise::SessionsController + prepend_before_filter :require_no_authentication, :only => [ :new, :create ] + + require 'savon' + + def create + + + @SYS_USER = "rulingcom" + @SYS_PASS = "pxm87912tkx" + @LDAP_USER = params[:user][:user_id] + @LDAP_PASS = params[:user][:password] + + if @LDAP_USER == 'rulingcom' + + resource = User.first(conditions:{user_id: @LDAP_USER}) + + if !resource.blank? + + resource_name = resource.class.to_s.downcase + sign_in(resource_name, resource) + redirect_to after_sign_in_path_for(resource) + + else + + flash[:error] = "很抱歉,您無此權限或帳號登入本站,請洽本站管理員
Sorry, you don't have the account or authority to login. Please contact the website administrator." + redirect_to :root + + end + + else + + client = Savon.client(wsdl: 'http://ap.ydu.edu.tw/LDAP_WS/RulingcomDataService.asmx?wsdl',filters: [:SYS_USER, :SYS_PASS, :LDAP_USER, :LDAP_PASS]) + + client.operations + + response = client.call(:login_chk, message: { + "SYS_USER" => @SYS_USER, + "SYS_PASS" => @SYS_PASS, + "LDAP_USER" => @LDAP_USER, + "LDAP_PASS" => @LDAP_PASS, + "User_IP" => request.remote_ip + }) + + @datas = response.body[:login_chk_response][:login_chk_result][:string] + + if !@datas[0].blank? and ( @datas[0] == 'P' or @datas[0] == 'U' ) #使用者帳號回傳P,單位帳號回傳U + + resource = User.first(conditions:{user_id: @LDAP_USER}) + + if !resource.blank? + + resource_name = resource.class.to_s.downcase + sign_in(resource_name, resource) + redirect_to after_sign_in_path_for(resource) + + else #認證通過無帳號要新增 + + @new_user = User.new + + @new_user.user_id = @LDAP_USER + @new_user.admin = false + @new_user.email = "#{@LDAP_USER}@ydu.edu.tw" + @new_user.password = "#{@LDAP_USER}@ydu.edu.tw" + @new_user.created_at = DateTime.now + @new_user.updated_at = DateTime.now + + @new_user.cache_dept = { "zh_tw" => ( @datas[1] ? @datas[1] : nil ), "en" => ( @datas[1] ? @datas[1] : nil ) } + + @new_user.first_name_translations = {} + + @new_user.first_name_translations["zh_tw"] = ( @datas[1] ? @datas[1] : nil ) + + @new_user.first_name_translations["en"] = ( @datas[1] ? @datas[1] : nil ) + + # @new_user.first_name = ( @datas[1] ? @datas[1] : nil ) + + if @datas[0] == 'P' + + @new_user.last_name_translations = {} + + @new_user.last_name_translations["zh_tw"] = ( @datas[2] ? @datas[2] : nil ) + + @new_user.last_name_translations["en"] = ( @datas[2] ? @datas[2] : nil ) + + # @new_user.last_name = ( @datas[2] ? @datas[2] : nil ) + + end + + @new_user.save + + resource_name = @new_user.class.to_s.downcase + sign_in(resource_name, @new_user) + redirect_to after_sign_in_path_for(@new_user) + + end + + + else + flash[:error] = "很抱歉,您無此權限或帳號登入本站,請洽本站管理員
Sorry, you don't have the account or authority to login. Please contact the website administrator." + redirect_to :root + end + + end + + end + + +end \ No newline at end of file diff --git a/config/routes.rb b/config/routes.rb index 716918775..4c5507433 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -2,6 +2,7 @@ Orbit::Application.routes.draw do # get "robots.txt" => 'robots#index' + devise_for :users,:controllers => {:sessions => 'sessions'} devise_for :users do match "/users_passwd" => "desktop/registrations#update", :as => :users_passwd, :via => :put