diff --git a/app/controllers/authentications_controller.rb b/app/controllers/authentications_controller.rb
new file mode 100644
index 000000000..1c59a59d3
--- /dev/null
+++ b/app/controllers/authentications_controller.rb
@@ -0,0 +1,29 @@
+class AuthenticationsController < Devise::OmniauthCallbacksController
+ def google_oauth2
+ # we override the devise mapping because routing sets it to user
+ request.env["devise.mapping"] = Devise.mappings[session[:authenticating].to_sym]
+
+ @user = ConnectWithOauthProvider.connect(request.env["omniauth.auth"])
+
+ flash[:notice] = I18n.t "devise.omniauth_callbacks.success", kind: "Google"
+ sign_in_and_redirect @user, event: :authentication
+ rescue Champaign::NotWhitelisted
+ redirect_to new_user_session_path, flash: {error: t('oauth.not_authorised')}
+ end
+
+ def user_passthru
+ session[:authenticating] = 'user'
+ redirect_to "/auth/#{params[:provider]}"
+ end
+
+ def member_passthru
+ session[:authenticating] = 'member'
+ redirect_to "/auth/#{params[:provider]}"
+ end
+
+ def failure
+ # this is mostly a standin and needs some work
+ redirect_to new_user_session_path, flash: {error: error_message}
+ redirect_to after_omniauth_failure_path_for(resource_name)
+ end
+end
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
deleted file mode 100644
index c06b54e1f..000000000
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ /dev/null
@@ -1,16 +0,0 @@
-class OmniauthCallbacksController < Devise::OmniauthCallbacksController
- def google_oauth2
- begin
- @user = ConnectWithOauthProvider.connect(request.env["omniauth.auth"])
-
- flash[:notice] = I18n.t "devise.omniauth_callbacks.success", kind: "Google"
- sign_in_and_redirect @user, event: :authentication
- rescue Champaign::NotWhitelisted
- redirect_to new_user_session_path, flash: {error: t('oauth.not_authorised')}
- end
-
- # TODO: Handle registration, when new user is authenticating.
- # session["devise.google_data"] = request.env["omniauth.auth"]
- # redirect_to new_user_registration_url
- end
-end
diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb
index 314d89e29..492e984e9 100644
--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@@ -1,10 +1,8 @@
Log in
-<%- if devise_mapping.omniauthable? %>
-
- <%= link_to "Sign in with your SumOfUs email", omniauth_authorize_path(resource_name, 'google_oauth2'), class: 'btn btn-primary btn-lg' %>
-
-<% end -%>
+
+ <%= link_to "Sign in with your SumOfUs email", user_omniauth_authorize_path('google_oauth2'), class: 'btn btn-primary btn-lg' %>
+
or log in with a password
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index fb486b81b..9f3f210b7 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -229,13 +229,6 @@
# The default HTTP method used to sign out a resource. Default is :delete.
config.sign_out_via = :delete
- # ==> OmniAuth
- # Add a new OmniAuth provider. Check the wiki for more information on setting
- # up on your models and hooks.
-
- require 'omniauth-google-oauth2'
- config.omniauth :google_oauth2, Rails.application.secrets.omniauth_client_id, Rails.application.secrets.omniauth_client_secret, { access_type: "offline", approval_prompt: "" }
-
# ==> Warden configuration
# If you want to use other strategies, that are not supported by Devise, or
# change the failure app, you can configure them inside the config.warden block.
diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb
new file mode 100644
index 000000000..de7d82456
--- /dev/null
+++ b/config/initializers/omniauth.rb
@@ -0,0 +1,9 @@
+# ==> OmniAuth
+# Devise does not support multiple models with :omniauthable, so we're following
+# their recommendations on https://github.com/plataformatec/devise/wiki/OmniAuth-with-multiple-models
+
+require 'omniauth-google-oauth2'
+
+Rails.application.config.middleware.use OmniAuth::Builder do
+ provider :google_oauth2, Rails.application.secrets.omniauth_client_id, Rails.application.secrets.omniauth_client_secret, { access_type: "offline", approval_prompt: "" }
+end
diff --git a/config/routes.rb b/config/routes.rb
index a91cd73b6..07467f1c4 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -4,7 +4,21 @@
devise_for :members
# We remove the sign_up path name so as not to allow users to sign in with username and password.
- devise_for :users, :controllers => { :omniauth_callbacks => "omniauth_callbacks" }, path_names: { sign_up: ''}
+ devise_for :users, path_names: { sign_up: ''}
+
+ get "/auth/:provider", to: 'authentications#passthru', as: 'omniauth_authorize'
+
+ devise_scope :user do
+ get "/users/auth/:provider", to: 'authentications#user_passthru', as: 'user_omniauth_authorize'
+ # devise requires these be scoped to :user or :member in routes.rb, but we just override
+ # the value of request.env["devise.mapping"] in the controller action
+ get "/auth/:action/callback", controller: "authentications", constraints: { action: /google_oauth2/ }
+ post "/auth/:action/callback", controller: "authentications", constraints: { action: /google_oauth2/ }
+ end
+
+ devise_scope :member do
+ get "/members/auth/:provider", to: 'authentications#member_passthru', as: 'member_omniauth_authorize'
+ end
root 'pages#index'