orbit-4-2/app/controllers/sessions_controller.rb

# encoding: utf-8

class SessionsController < Devise::SessionsController
	prepend_before_filter :require_no_authentication, :only => [ :new, :create ]

  require 'savon'

  def create 

    @sys_id = params["sys_id"]

    client = Savon.client(wsdl: 'http://sso.ntue.edu.tw/soap/soapserver.php?wsdl')

    client.operations

    response = client.call(:chkidno, message: { sys_id: @sys_id })

    @id = response.body[:chkidno_response][:return][:id]

    login_uid = @id

  	resource = User.first(conditions:{user_id: login_uid})

    if !resource.blank?
      resource_name = resource.class.to_s.downcase
  	  sign_in(resource_name, resource)
  	  redirect_to after_sign_in_path_for(resource)
  	else
  	  flash[:error] = "很抱歉,您無此權限或帳號登入本站,請洽本站管理員<br />Sorry, you don't have the account or authority to login. Please contact the website administrator."
  	  redirect_to :root
    end

  end

end