sso for ntu mb all sites

Conflicts: app/assets/stylesheets/basic/global.css app/views/devise/sessions/new.html.erb app/views/layouts/devise.html.erb
2013-09-26 15:23:03 +08:00 · 2013-09-26 15:23:03 +08:00 · 9d45df1c5a
parent f59452ffc4
commit 9d45df1c5a
7 changed files with 163 additions and 50 deletions
--- a/app/assets/stylesheets/basic/global.css
+++ b/app/assets/stylesheets/basic/global.css
@ -682,8 +682,8 @@ legend {
  margin-bottom: 25px;
 }
 .sign-in .btn {
-  padding: 4px 0;
  display: block;
+  padding: 4px 0;
  width: 100%;
  margin-bottom: 10px;
 }
@ -711,7 +711,7 @@ legend {
 .sign-in .checkbox {
  position: absolute;
  text-align: left;
-  bottom: 37px;
+  bottom: 47px;
 }
 .sign-in .switchboard {
  color: #08C;
@ -766,4 +766,4 @@ legend {
  #main-wrap .wrap-inner {
    padding: 20px 0;
  }
-}
+}
--- a/app/assets/stylesheets/basic/orbit_bar.css.erb
+++ b/app/assets/stylesheets/basic/orbit_bar.css.erb
@ -2,16 +2,17 @@
 	top: 0px;
 	left: -10px;
 	right: -10px;
-	height: 40px;
 	z-index: 1041;
 	position: fixed;
 	margin-bottom: 0;
+	height: 40px;
 }
 #orbit-bar .orbitlogo {
-	width: 20px;
-	height: 20px;
+	width: 50px;
+	height: 40px;
+	padding: 0!important;
 	background-size: 70%;
-	display: inline-block;
+	display: block;
 	background-position: center;
 	background-repeat: no-repeat;
 	background-image: url(<%= asset_path 'orbit-logo.svg' %>);
@ -19,8 +20,23 @@
 	/* For Suck IE */
 	background-image: url(<%= asset_path 'orbit-logo.png' %>)\9;
 }
+#orbit-bar .dropdown-menu li > a {
+	padding: 0 20px;
+	display: block;
+	height: 30px;
+	line-height: 30px;
+}
+#orbit-bar .dropdown-menu li i {
+	float: left;
+	display: inline-block;
+	margin-right: 5px;
+	line-height: 30px;
+	height: 100%;
+}
 #orbit-bar.navbar .nav > li > a {
 	color: #EEE;
+	padding: 0 15px;
+	display: block;
 	text-shadow: 0 -1px 0 #000;
 	border-right: 1px solid #363636;
 	box-shadow: 1px 0px 0px rgba(0, 0, 0, 0.3);
@ -34,6 +50,11 @@
 	background-color: #0095CF;
 	text-shadow: 0 -1px 0 #014380;
 }
+#orbit-bar.navbar .nav > li > a > [class^="icon"],
+#orbit-bar.navbar .nav > li > a > [class*=" icon"] {
+	line-height: 40px;
+	display: block;
+}
 #orbit-bar.navbar .nav li.dropdown.open > .dropdown-toggle,
 #orbit-bar.navbar .nav li.dropdown.active > .dropdown-toggle,
 #orbit-bar.navbar .nav li.dropdown.open.active > .dropdown-toggle {
@ -41,9 +62,7 @@
 	text-shadow: 0 -1px 0 #014380;
 }
 #orbit-bar .navbar-inner {
-	height: 40px;
 	border-width: 0;
-	min-height: 40px;
 	background-color: #333333;
 	-webkit-border-radius: 0px;
 	   -moz-border-radius: 0px;
@ -66,6 +85,10 @@
 	right: auto;
 	bottom: auto;
 }
+#orbit-bar .nav > li {
+	display: block;
+	line-height: 40px;
+}
 #orbit-bar .nav [class^="icon"],
 #orbit-bar .nav [class*=" icon"] {
 	font-size: 1.5em;
@ -92,17 +115,45 @@
 #orbit-bar .modal .input-prepend {
 	margin-bottom: 15px;
 }
+#orbit-bar .modal .other-sign-in {
+	position: relative;
+	text-align: center;
+	margin-top: 20px;
+	margin-bottom: 30px;
+	padding-bottom: 20px;
+	border-bottom: 1px solid #EDEDED;
+}
+#orbit-bar .modal .other-sign-in .btn {
+	padding: 4px 0;
+	display: block;
+	margin-bottom: 5px;
+	width: 100%;
+}
+#orbit-bar .modal .other-sign-in p {
+	position: absolute;
+	width: 30px;
+	height: 30px;
+	background-color: #FFF;
+	padding: 0 10px;
+	margin-bottom: 0;
+	margin-left: -25px;
+	line-height: 30px;
+	left: 50%;
+	bottom: -15px;
+	font-size: 1.3em;
+	color: #B1B1B1;
+}

 /*Search*/
 #orbit-bar #search {
 	margin-bottom: 0;
 	position: relative;
-	padding: 8px 10px 0;
+	padding: 0 10px;
 	border-right: 1px solid #363636;
 	box-shadow: 1px 0px 0px rgba(0, 0, 0, 0.3);
 }
 #orbit-bar #search form {
-	margin-bottom: 8px;
+	margin: 8px 0;
 }
 #orbit-bar #search input[type="text"] {
 	height: 14px;
@ -110,6 +161,7 @@
 	font-size: 13px;
 	padding-left: 25px;
 	padding-right: 25px;
+	display: block;
 	-webkit-border-radius: 12px;
 	   -moz-border-radius: 12px;
 	     -o-border-radius: 12px;
@ -122,15 +174,16 @@
 #orbit-bar #search .search-clear {
 	position: absolute;
 	color: #A3A3A3;
-	top: 14px;
+	top: 16px;
 }
 #orbit-bar #search .icon-search {
-	left: 13px;
-	top: 15px;
+	left: 15px;
 	font-size: 1.2em;
+	width: 1.25em;
+	margin-top: 0;
 }
 #orbit-bar #search .search-clear {
-	right: 14px;
+	right: 13px;
 	font-size: 1.3em;
 }
 #orbit-bar #search .search-clear:hover {
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -0,0 +1,40 @@
+# encoding: utf-8
+
+class SessionsController < Devise::SessionsController
+	prepend_before_filter :require_no_authentication, :only => [ :new, :create ]
+
+
+  def create 
+	  @site = Site.first
+
+      private_key = OpenSSL::PKey::RSA.new(@site.private_key)
+      wresult = private_key.private_decrypt(request.params['wresult'])
+
+  	  @ids = wresult.split("@")
+
+      login_uid = @ids[0]
+
+  	  resource = User.first(conditions:{user_id: login_uid})
+
+	  if !resource.blank?
+	     resource_name = resource.class.to_s.downcase
+	     sign_in(resource_name, resource)
+	     session[:user_id_type] = "myntumb"
+	     redirect_to after_sign_in_path_for(resource)
+	  else
+	     flash[:error] = "很抱歉,您無此權限或帳號登入本站,請洽本站管理員<br />Sorry, you don't have the account or authority to login. Please contact the website administrator."
+	     redirect_to :root
+	  end
+  end
+
+  def destroy
+  	@user_id_type = session[:user_id_type]
+    sign_out
+    if @user_id_type == "myntumb"
+      redirect_to "https://adfs.ntu.edu.tw/adfs/ls/?wa=wsignout1.0&wreply=https://management.ntu.edu.tw"
+    else
+      redirect_to root_path
+    end
+  end
+
+end
--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@ -1,59 +1,62 @@
-    <section id="main-wrap">
+
+
      <div class="sign-in have-other-sign-in">
-<!--         <p class="alert alert-error in fade">You need to sign in.</p>
- -->    
-        <% flash.each do |key, msg| %>
-		    <%= content_tag :p, msg, :class => [key, "alert alert-error in fade"] %>
+
+		<% flash.each do |key, msg| %>
+			<%= content_tag :p, msg, :class => [key, "alert alert-error"] %>
 		<% end %>

- 		<div class="form">
-          <h3 class="login-logo">Log In to Orbit</h3>
-          <div>
-            <input name="utf8" type="hidden" value="" />
-            <input name="authenticity_token" type="hidden" value="" />
-          </div>
-<!--           <div class="other-sign-in">
-            <a class="btn btn-primary" type="submit">Other Sign In</a>
+        
+        <div class="form">
+          <h3 class="login-logo"><%= t(:login) %></h3>
+          <div class="other-sign-in">
+            <% @request_hosts = request.host_with_port.split(".") %>
+              <a class="btn btn-primary" type="submit" href="https://adfs.ntu.edu.tw/adfs/ls/?wa=wsignin1.0&wtrealm=https://management.ntu.edu.tw/saml_login&wctx=<%= @request_hosts[0] %>">使用計中帳號登入</a>
            <p>or</p>
-          </div> -->
+          </div>
          <div class="form-block">
            <div class="form-list clearfix">
-              <form class="content" accept-charset="UTF-8" action="/users/sign_in" method="post">
-               <%= form_for resource, :as => resource_name, :url => session_path(resource_name), :html => {:class => 'content'} do |f| %>
-
+              <%= form_for resource, :as => resource_name, :url => session_path(resource_name), :html => {:class => 'content'} do |f| %>
                <div class="control-group clear">
                  <label for="user_email">
                    <i class="icon-user"></i>
                  </label>
-                 	<%= f.text_field :user_id, :placeholder => t("users.user_id"), :id=>"user_email" %>
+				  <%= f.text_field :user_id, :placeholder => t("users.user_id") %>
                </div>
                <div class="control-group clear">
                  <label for="user_password">
                    <i class="icon-lock"></i>
                  </label>
-                  <%= f.password_field :password, :placeholder => t(:dots), :id=>"user_password" %>
+                  <%= f.password_field :password, :placeholder => t(:dots) %>
                </div>
-                <br/>
-                <label class="checkbox">
-                <% if devise_mapping.rememberable? -%>
-                  <%= f.check_box :remember_me %> <small><%= f.label :remember_me %></small>
-                <% end -%>
-                </label>
-                
+                <!-- <label class="checkbox">
+                  <input type="checkbox" value="">
+                  <small>Remember me</small>
+                </label> -->
                <%= content_tag :button, t(:login), :type => :submit, :class => 'btn btn-primary' %>
-              </form>
-              
+              <% end %>
+
+              <!-- <form class="content" accept-charset="UTF-8" action="/users/sign_in" method="post">
+                <div class="control-group clear">
+                  <label for="user_email">
+                    <i class="icon-user"></i>
+                  </label>
+                  <input type="text" id="user_id" name="user[id]" placeholder="帳號" />
+                </div>
+                <div class="control-group clear">
+                  <label for="user_password">
+                    <i class="icons-mail"></i>
+                  </label>
+                  <input type="text" id="user_email" name="user[email]" placeholder="電子郵件" />
+                </div>
+                <button class="btn btn-primary" type="submit">Submit</button>
+              </form> -->
            </div>
+            <!-- <div class="switchboard"><span>Forgot Password ?</span> <i class="icons-arrow-left-2"></i></div> -->
          </div>
-          <div class="pull-right">
-            <%= link_to content_tag(:small, t(:forgot_password)), new_user_password_path %>
-          </div>
-          <br/>
-         <!--  <div class="register">
+          <!-- <div class="register">
            <button class="btn btn-inverse" type="submit">Register</button>
          </div> -->
-        <% end %>

        </div>
      </div>
-    </section>
--- a/app/views/layouts/_right_menu.html.erb
+++ b/app/views/layouts/_right_menu.html.erb
@ -56,6 +56,11 @@
          </div>
          <div class="modal-body">
            <%= form_for :user, url: user_session_path, html: {class: 'container'} do |f| %>
+              <div class="other-sign-in">
+                <% @request_hosts = request.host_with_port.split(".") %>
+                <a class="btn btn-primary" type="submit" href="https://adfs.ntu.edu.tw/adfs/ls/?wa=wsignin1.0&wtrealm=https://management.ntu.edu.tw/saml_login&wctx=<%= @request_hosts[0] %>">使用計中帳號登入</a>
+                <p>or</p>
+              </div>
              <div class="input-prepend">
                <span class="add-on">
                  <i class="icon-user"></i>
--- a/app/views/layouts/devise.html.erb
+++ b/app/views/layouts/devise.html.erb
@ -24,5 +24,9 @@
 <body>
 	<%= render 'layouts/orbit_bar' %>
 	<%= yield %>
+	<!--<div id="sign-footer">
+      <p>Rulingcom</p>
+    </div>
+    -->
 </body>
 </html>
--- a/config/routes.rb
+++ b/config/routes.rb
@ -8,6 +8,14 @@ Orbit::Application.routes.draw do
    match "/users_passwd" => "desktop/registrations#update", :as => :users_passwd, :via => :put
  end

+  devise_scope :user do
+    get 'user_login' => 'sessions#create'
+    match 'user_logout' => 'sessions#destroy'
+  end
+
+  match "saml_login" => 'saml_logins#index'
+
+
  mount Resque::Server, :at => "/admin/resque"
  mount Rack::GridFS::Endpoint.new(:db => Mongoid.database,:lookup=>:path), :at => "gridfs"