From 8fb3b408b489a4c9e6eaf6548ca8863d27973d00 Mon Sep 17 00:00:00 2001
From: Spen <spen821@gmail.com>
Date: Fri, 20 Dec 2013 11:08:16 +0800
Subject: [PATCH] ntu coph sso

---
 app/controllers/sessions_controller.rb | 40 ++++++++++++++
 app/views/devise/sessions/new.html.erb | 73 ++++++++++++++------------
 app/views/layouts/_right_menu.html.erb |  7 ++-
 config/routes.rb                       |  5 ++
 4 files changed, 89 insertions(+), 36 deletions(-)
 create mode 100644 app/controllers/sessions_controller.rb

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
new file mode 100644
index 00000000..f5df51b5
--- /dev/null
+++ b/app/controllers/sessions_controller.rb
@@ -0,0 +1,40 @@
+# encoding: utf-8
+
+class SessionsController < Devise::SessionsController
+	prepend_before_filter :require_no_authentication, :only => [ :new, :create ]
+
+
+  def create 
+	  @site = Site.first
+
+      private_key = OpenSSL::PKey::RSA.new(@site.private_key)
+      wresult = private_key.private_decrypt(request.params['wresult'])
+
+  	  @ids = wresult.split("@")
+
+      login_uid = @ids[0]
+
+  	  resource = User.first(conditions:{user_id: login_uid})
+
+	  if !resource.blank?
+	     resource_name = resource.class.to_s.downcase
+	     sign_in(resource_name, resource)
+	     session[:user_id_type] = "myntucoph"
+	     redirect_to after_sign_in_path_for(resource)
+	  else
+	     flash[:error] = "很抱歉,您無此權限或帳號登入本站,請洽本站管理員<br />Sorry, you don't have the account or authority to login. Please contact the website administrator."
+	     redirect_to :root
+	  end
+  end
+
+  def destroy
+  	@user_id_type = session[:user_id_type]
+    sign_out
+    if @user_id_type == "myntucoph"
+      redirect_to "https://adfs.ntu.edu.tw/adfs/ls/?wa=wsignout1.0&wreply=https://cophlogin.ntu.edu.tw"
+    else
+      redirect_to root_path
+    end
+  end
+
+end
\ No newline at end of file
diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb
index 1b77fce2..03150e51 100644
--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@@ -1,59 +1,62 @@
-    <section id="main-wrap">
+
+
       <div class="sign-in have-other-sign-in">
-<!--         <p class="alert alert-error in fade">You need to sign in.</p>
- -->    
-        <% flash.each do |key, msg| %>
-		    <%= content_tag :p, msg, :class => [key, "alert alert-error in fade"] %>
+
+		<% flash.each do |key, msg| %>
+			<%= content_tag :p, msg, :class => [key, "alert alert-error"] %>
 		<% end %>
 
- 		<div class="form">
-          <h3 class="login-logo">Log In to Orbit</h3>
-          <div>
-            <input name="utf8" type="hidden" value="" />
-            <input name="authenticity_token" type="hidden" value="" />
-          </div>
-<!--           <div class="other-sign-in">
-            <a class="btn btn-primary" type="submit">Other Sign In</a>
+        
+        <div class="form">
+          <h3 class="login-logo"><%= t(:login) %></h3>
+          <div class="other-sign-in">
+            <% @request_hosts = request.host_with_port.split(".") %>
+              <a class="btn btn-primary" type="submit" href="https://adfs.ntu.edu.tw/adfs/ls/?wa=wsignin1.0&wtrealm=https://cophlogin.ntu.edu.tw/saml_login&wctx=<%= @request_hosts[0] %>">使用計中帳號登入</a>
             <p>or</p>
-          </div> -->
+          </div>
           <div class="form-block">
             <div class="form-list clearfix">
-              <form class="content" accept-charset="UTF-8" action="/users/sign_in" method="post">
-               <%= form_for resource, :as => resource_name, :url => session_path(resource_name), :html => {:class => 'content'} do |f| %>
-
+              <%= form_for resource, :as => resource_name, :url => session_path(resource_name), :html => {:class => 'content'} do |f| %>
                 <div class="control-group clear">
                   <label for="user_email">
                     <i class="icon-user"></i>
                   </label>
-                 	<%= f.text_field :user_id, :placeholder => t("users.user_id"), :id=>"user_email" %>
+				  <%= f.text_field :user_id, :placeholder => t("users.user_id") %>
                 </div>
                 <div class="control-group clear">
                   <label for="user_password">
                     <i class="icon-lock"></i>
                   </label>
-                  <%= f.password_field :password, :placeholder => t(:dots), :id=>"user_password" %>
+                  <%= f.password_field :password, :placeholder => t(:dots) %>
                 </div>
-                <br/>
-                <label class="checkbox">
-                <% if devise_mapping.rememberable? -%>
-                  <%= f.check_box :remember_me %> <small><%= f.label :remember_me %></small>
-                <% end -%>
-                </label>
-                
+                <!-- <label class="checkbox">
+                  <input type="checkbox" value="">
+                  <small>Remember me</small>
+                </label> -->
                 <%= content_tag :button, t(:login), :type => :submit, :class => 'btn btn-primary' %>
-              </form>
-              
+              <% end %>
+
+              <!-- <form class="content" accept-charset="UTF-8" action="/users/sign_in" method="post">
+                <div class="control-group clear">
+                  <label for="user_email">
+                    <i class="icon-user"></i>
+                  </label>
+                  <input type="text" id="user_id" name="user[id]" placeholder="帳號" />
+                </div>
+                <div class="control-group clear">
+                  <label for="user_password">
+                    <i class="icons-mail"></i>
+                  </label>
+                  <input type="text" id="user_email" name="user[email]" placeholder="電子郵件" />
+                </div>
+                <button class="btn btn-primary" type="submit">Submit</button>
+              </form> -->
             </div>
+            <!-- <div class="switchboard"><span>Forgot Password ?</span> <i class="icons-arrow-left-2"></i></div> -->
           </div>
-          <div class="pull-right">
-            <%= link_to content_tag(:small, t(:forgot_password)), new_user_password_path %>
-          </div>
-          <br/>
-         <!--  <div class="register">
+          <!-- <div class="register">
             <button class="btn btn-inverse" type="submit">Register</button>
           </div> -->
-        <% end %>
 
         </div>
       </div>
-    </section>
\ No newline at end of file
diff --git a/app/views/layouts/_right_menu.html.erb b/app/views/layouts/_right_menu.html.erb
index b4efb307..bcda6caf 100644
--- a/app/views/layouts/_right_menu.html.erb
+++ b/app/views/layouts/_right_menu.html.erb
@@ -56,6 +56,11 @@
           </div>
           <div class="modal-body">
             <%= form_for :user, url: user_session_path, html: {class: 'container'} do |f| %>
+              <div class="other-sign-in">
+                <% @request_hosts = request.host_with_port.split(".") %>
+                <a class="btn btn-primary" type="submit" href="https://adfs.ntu.edu.tw/adfs/ls/?wa=wsignin1.0&wtrealm=https://cophlogin.ntu.edu.tw/saml_login&wctx=<%= @request_hosts[0] %>">使用計中帳號登入</a>
+                <p>or</p>
+              </div>
               <div class="input-prepend">
                 <span class="add-on">
                   <i class="icon-user"></i>
@@ -84,4 +89,4 @@
           </div>
         </div>
     <% end %>
-</ul>
\ No newline at end of file
+</ul>
diff --git a/config/routes.rb b/config/routes.rb
index b2164716..626594e6 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -7,6 +7,11 @@ Orbit::Application.routes.draw do
     resources :passwords, :except => [:index, :show, :destroy]
     match "/users_passwd" => "desktop/registrations#update", :as => :users_passwd, :via => :put
   end
+  
+  devise_scope :user do
+    get 'user_login' => 'sessions#create'
+    match 'user_logout' => 'sessions#destroy'
+  end
 
   mount Resque::Server, :at => "/admin/resque"
   mount Rack::GridFS::Endpoint.new(:db => Mongoid.database,:lookup=>:path), :at => "gridfs"