orbit-basic/app/controllers/sessions_controller.rb

class SessionsController < Devise::SessionsController
  prepend_before_filter :require_no_authentication, :only => [ :new, :create ]
  include Devise::Controllers::InternalHelpers

  # POST /resource/sign_in
  def create 
    # login_password = params[:user][:password]
    # login_uid = params[:user][:nccu_ldap_uid]
    login_password = params[:user][:password]
    login_uid = params[:user][:nccu_ldap_uid]
    result = false
    ldap_filter = "(uid=#{login_uid})"
    if /@rulingcom.com$/.match(login_uid).nil?
      MiddleSiteConnection.establish
      NccuLdapConnection.establish

      if ($nccu_ldap_connection.bind rescue false)
          logger.info "=LDAP Binded password ok..."
          result =check_auth_with_ldap(login_uid,login_password) 
          if result && login_password!=''
            logger.info "==LDAP  password passed..."
            nccu_id = get_nccu_id_from_mid_site(login_uid)
            resource =  nccu_id.nil? ? nil : (User.first(conditions:{ nccu_ldap_uid: nccu_id }))
            # resource = env['warden'].authenticate!(:check_nccu_ldap)
             # resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new")
            set_flash_message(:notice, :signed_in) if is_navigational_format?
            if (resource.nil? || nccu_id.nil?)
               logger.error "===LDAP passed local block... resource:#{resource.inspect}\n nccu_id:#{nccu_id} \t login_uid:#{login_uid}"
              flash[:notice] = t('devise.failure.ldap_pass_but_account_not_in_orbit')
              render :action => "new"
            else
               logger.info "===ALL passed"
              resource_name = resource.class.to_s.downcase
              sign_in(resource_name, resource)
              respond_with resource, :location => redirect_location(resource_name, resource)
            end
          else
            logger.error "==password LDAP fail..."
            flash[:notice] = t('devise.failure.ldap_invalid')
            render :action => "new" 
          end
        else
          logger.error "=LDAP fail..."
          flash[:notice] = t('devise.failure.ldap_connection_failed')
          render :action => "new"
        end
        else #if rulingcom account
          logger.info "=======Rulingcom account======"
          resource = User.first(conditions:{email: login_uid})
          if resource.valid_password?(login_password)
              resource_name = resource.class.to_s.downcase
              sign_in(resource_name, resource)
              respond_with resource, :location => redirect_location(resource_name, resource)
            else
              logger.error "==password Local fail..."
              flash[:notice] = t('devise.failure.invalid')
              render :action => "new" 
          end
        end
      logger.info "=======End Debugging======"

    end
private  
  def check_auth_with_ldap(login_uid,login_password)
    ldap_filter = "(uid=#{login_uid})"
    $nccu_ldap_connection.bind_as(:base => NccuLdapConnection::BASE,:filter => ldap_filter,:password=> login_password) rescue false
  end

  def get_nccu_id_from_mid_site(ldap_id)
    nccu_id = $mid_site_connection.query("SELECT nccu_id FROM rss_aaldap_view WHERE ldap_id='#{ldap_id}' LIMIT 1").first['nccu_id'] rescue nil
        # 
        # if  nccu_id.nil?
        #   #show_error 
        #   p 'account not exist'
        #   #should return?
        # end
        # # User.first(conditions: {  })
        # rss_pautlst_ut = $mid_site_connection.query("SELECT * FROM rss_pautlst_ut WHERE nccu_id='#{nccu_id}' LIMIT 1").first rescue nil
        # # rss_paunit = client.query("SELECT * FROM rss_paunit  LIMIT 1").first rescue nil
        # user = User.find_or_create_by(:nccu_id => nccu_id)
        #  p user
        #  # p rss_paunit
        # 
  end
end