# HG changeset patch
# User Nattee Niparnan <nattee@gmail.com>
# Date 2014-08-19 17:17:14
# Node ID 4b88edeab117678e03bd749c3e1d50e4e8ed005d
# Parent  52cd3037bb5e3e9cf48e52ccabeda6ae19c0071b

add authentication by CU-CAS from p' krerk

diff --git a/app/models/user.rb b/app/models/user.rb
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,5 +1,6 @@
 require 'digest/sha1'
 require 'net/pop'
+require 'json'
 
 class User < ActiveRecord::Base
 
@@ -62,11 +63,13 @@
 
   def self.authenticate(login, password)
     user = find_by_login(login)
-    return user if user && user.authenticated?(password)
-    if user && user.authenticated_by_pop3?(password)
-      user.password = password
-      user.save
-      return user
+    if user
+      return user if user.authenticated?(password)
+      if user.authenticated_by_cucas?(password) or user.authenticated_by_pop3?(password)
+        user.password = password
+        user.save
+        return user
+      end
     end
   end
 
@@ -83,7 +86,7 @@
     pop = Net::POP3.new('pops.it.chula.ac.th')
     authen = true
     begin
-      pop.start(login, password)             # (1)
+      pop.start(login, password)
       pop.finish
       return true
     rescue 
@@ -91,6 +94,28 @@
     end
   end
 
+  def authenticated_by_cucas?(password)
+    url = URI.parse('https://www.cas.chula.ac.th/cas/api/?q=studentAuthenticate')
+    appid = '41508763e340d5858c00f8c1a0f5a2bb'
+    appsecret ='d9cbb5863091dbe186fded85722a1e31'
+    post_args = {
+      'appid' => appid,
+      'appsecret' => appsecret,
+      'username' => login,
+      'password' => password
+    }
+
+    #simple call
+    begin
+      resp = Net::HTTP.post_form(url, post_args)
+      result = JSON.parse resp.body
+      return true if result["type"] == "beanStudent"
+    rescue
+      return false
+    end
+    return false
+  end
+
   def admin?
     self.roles.detect {|r| r.name == 'admin' }
   end