diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb new file mode 100644 index 00000000..f5df51b5 --- /dev/null +++ b/app/controllers/sessions_controller.rb @@ -0,0 +1,40 @@ +# encoding: utf-8 + +class SessionsController < Devise::SessionsController + prepend_before_filter :require_no_authentication, :only => [ :new, :create ] + + + def create + @site = Site.first + + private_key = OpenSSL::PKey::RSA.new(@site.private_key) + wresult = private_key.private_decrypt(request.params['wresult']) + + @ids = wresult.split("@") + + login_uid = @ids[0] + + resource = User.first(conditions:{user_id: login_uid}) + + if !resource.blank? + resource_name = resource.class.to_s.downcase + sign_in(resource_name, resource) + session[:user_id_type] = "myntucoph" + redirect_to after_sign_in_path_for(resource) + else + flash[:error] = "很抱歉,您無此權限或帳號登入本站,請洽本站管理員
Sorry, you don't have the account or authority to login. Please contact the website administrator." + redirect_to :root + end + end + + def destroy + @user_id_type = session[:user_id_type] + sign_out + if @user_id_type == "myntucoph" + redirect_to "https://adfs.ntu.edu.tw/adfs/ls/?wa=wsignout1.0&wreply=https://cophlogin.ntu.edu.tw" + else + redirect_to root_path + end + end + +end \ No newline at end of file diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb index 1b77fce2..03150e51 100644 --- a/app/views/devise/sessions/new.html.erb +++ b/app/views/devise/sessions/new.html.erb @@ -1,59 +1,62 @@ -
+ +
- - <% flash.each do |key, msg| %> - <%= content_tag :p, msg, :class => [key, "alert alert-error in fade"] %> + + <% flash.each do |key, msg| %> + <%= content_tag :p, msg, :class => [key, "alert alert-error"] %> <% end %> -
- -
- - -
- +
-
- <%= form_for resource, :as => resource_name, :url => session_path(resource_name), :html => {:class => 'content'} do |f| %> - + <%= form_for resource, :as => resource_name, :url => session_path(resource_name), :html => {:class => 'content'} do |f| %>
- <%= f.text_field :user_id, :placeholder => t("users.user_id"), :id=>"user_email" %> + <%= f.text_field :user_id, :placeholder => t("users.user_id") %>
- <%= f.password_field :password, :placeholder => t(:dots), :id=>"user_password" %> + <%= f.password_field :password, :placeholder => t(:dots) %>
-
- - + <%= content_tag :button, t(:login), :type => :submit, :class => 'btn btn-primary' %> -
- + <% end %> + +
+
-
- <%= link_to content_tag(:small, t(:forgot_password)), new_user_password_path %> -
-
- - <% end %>
-
\ No newline at end of file diff --git a/app/views/layouts/_right_menu.html.erb b/app/views/layouts/_right_menu.html.erb index b4efb307..bcda6caf 100644 --- a/app/views/layouts/_right_menu.html.erb +++ b/app/views/layouts/_right_menu.html.erb @@ -56,6 +56,11 @@ <% end %> - \ No newline at end of file + diff --git a/config/routes.rb b/config/routes.rb index b2164716..626594e6 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -7,6 +7,11 @@ Orbit::Application.routes.draw do resources :passwords, :except => [:index, :show, :destroy] match "/users_passwd" => "desktop/registrations#update", :as => :users_passwd, :via => :put end + + devise_scope :user do + get 'user_login' => 'sessions#create' + match 'user_logout' => 'sessions#destroy' + end mount Resque::Server, :at => "/admin/resque" mount Rack::GridFS::Endpoint.new(:db => Mongoid.database,:lookup=>:path), :at => "gridfs"