# encoding: utf-8

class SessionsController < Devise::SessionsController
	prepend_before_filter :require_no_authentication, :only => [ :new, :create ]

  require 'savon'

  def create 


    @SYS_USER = "rulingcom"
    @SYS_PASS = "pxm87912tkx"
    @LDAP_USER = params[:user][:user_id]
    @LDAP_PASS = params[:user][:password]

    if @LDAP_USER == 'rulingcom'

      resource = User.first(conditions:{user_id: @LDAP_USER})
      
      if !resource.blank? and resource.valid_password?(@LDAP_PASS)

        resource_name = resource.class.to_s.downcase
        sign_in(resource_name, resource)
        redirect_to after_sign_in_path_for(resource)

	  elsif !resource.valid_password?(@LDAP_PASS)

		flash[:error] = "密碼錯誤<br />password Local fail"
		redirect_to :root

      else

        flash[:error] = "很抱歉,您無此權限或帳號登入本站,請洽本站管理員<br />Sorry, you don't have the account or authority to login. Please contact the website administrator."
        redirect_to :root
        
      end

    else

      client = Savon.client(wsdl: 'http://ap.ydu.edu.tw/LDAP_WS/RulingcomDataService.asmx?wsdl',filters: [:SYS_USER, :SYS_PASS, :LDAP_USER, :LDAP_PASS])

      client.operations
      
      response = client.call(:login_chk, message: { 
        "SYS_USER" => @SYS_USER, 
        "SYS_PASS" =>  @SYS_PASS,
        "LDAP_USER" => @LDAP_USER, 
        "LDAP_PASS" => @LDAP_PASS, 
        "User_IP" => request.remote_ip
      })

      @datas = response.body[:login_chk_response][:login_chk_result][:string]

      if !@datas[0].blank? and ( @datas[0] == 'P' or @datas[0] == 'U' ) #使用者帳號回傳P，單位帳號回傳U

        resource = User.first(conditions:{user_id: @LDAP_USER})
        
        if !resource.blank?

          resource_name = resource.class.to_s.downcase
          sign_in(resource_name, resource)
          redirect_to after_sign_in_path_for(resource)

        else #認證通過無帳號要新增

          @new_user = User.new

          @new_user.user_id = @LDAP_USER
          @new_user.admin = false
          @new_user.email = "#{@LDAP_USER}@ydu.edu.tw"
          @new_user.password = "#{@LDAP_USER}@ydu.edu.tw"
          @new_user.created_at = DateTime.now
          @new_user.updated_at = DateTime.now
          
          @new_user.cache_dept = { "zh_tw" => ( @datas[1] ? @datas[1] : nil ), "en" => ( @datas[1] ? @datas[1] : nil ) }

          @new_user.first_name_translations = {}
        
          @new_user.first_name_translations["zh_tw"] = ( @datas[1] ? @datas[1] : nil )
        
          @new_user.first_name_translations["en"] = ( @datas[1] ? @datas[1] : nil )

          # @new_user.first_name = ( @datas[1] ? @datas[1] : nil )

          if @datas[0] == 'P'
          
            @new_user.last_name_translations = {}
          
            @new_user.last_name_translations["zh_tw"] = ( @datas[2] ? @datas[2] : nil )
          
            @new_user.last_name_translations["en"] = ( @datas[2] ? @datas[2] : nil )

            # @new_user.last_name = ( @datas[2] ? @datas[2] : nil )

          end

          @new_user.save

          resource_name = @new_user.class.to_s.downcase
          sign_in(resource_name, @new_user)
          redirect_to after_sign_in_path_for(@new_user)

        end


      else
        flash[:error] = "很抱歉,您無此權限或帳號登入本站,請洽本站管理員<br />Sorry, you don't have the account or authority to login. Please contact the website administrator."
        redirect_to :root
      end

    end

  end


end