class User < ApplicationRecord
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
  devise :ldap_authenticatable,
         :confirmable,
         :recoverable,
         :validatable

  def ldap_before_save
    self.email = Devise::LDAP::Adapter.get_ldap_param(self.cn, "mail").first
    dn = Devise::LDAP::Adapter.get_ldap_param(self.cn, "dn")
    self.ou = dn.split(',').select{|e| e[0..1] == "ou"}.first.delete_prefix("ou=")
  end

  def reset_password(new_password, new_password_confirmation)
    if new_password == new_password_confirmation && ::Devise.ldap_update_password
      Devise::LDAP::Adapter.update_password(login_with, new_password)
    end
    clear_reset_password_token if valid?
    save
  end
end