diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 5f402dd1..8006fe31 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -41,4 +41,7 @@ class UserController < Users::ApplicationController
     end
   end
 
+  def login
+  end
+
 end
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 705874c8..98aaa85c 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -103,6 +103,7 @@ Devise.setup do |config|
   # requests for sign in and sign up, you need to get a new CSRF token
   # from the server. You can disable this option at your own risk.
   # config.clean_up_csrf_token_on_authentication = true
+  config.clean_up_csrf_token_on_authentication = false
 
   # ==> Configuration for :database_authenticatable
   # For bcrypt, this is the cost for hashing the password and defaults to 10. If
@@ -240,6 +241,7 @@ Devise.setup do |config|
   #
   # The "*/*" below is required to match Internet Explorer requests.
   # config.navigational_formats = ['*/*', :html]
+  config.navigational_formats =  ["*/*", :html, :turbo_stream, :json]
 
   # The default HTTP method used to sign out a resource. Default is :delete.
   config.sign_out_via = [:delete, :get]
diff --git a/config/routes.rb b/config/routes.rb
index 2e715fa9..750d12e6 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -3,7 +3,7 @@ Mozo::Application.routes.draw do
   match '/.well-known/*rest', to: 'errors#not_found', via: :all
   match '/system/*rest',      to: 'errors#not_found', via: :all
   devise_for :users, controllers: {
-    registrations: 'users/registrations'
+    registrations: 'users/registrations',
   } #, controllers: { omniauth_callbacks: "users/omniauth_callbacks" }
   resources :users, only: [:show]
   #devise_for :suppliers, controllers: { confirmations: 'confirmations', registrations: 'registrations' }
@@ -41,9 +41,6 @@ Mozo::Application.routes.draw do
   get 'empty-page' => 'dashboard#empty_page', as: :empty_page
 
 
-  post '/user_app' => 'dashboard#user_app_log' #TODO: separate high speed app at log.mozo.bar
-  post '/user_feedback' => 'user#feedback'
-
   #WAITER
   #get '/waiter' => 'waiter#index' #, controller: 'waiter', action: 'index'
   #get '/waiter/sections' => 'waiter#sections'
@@ -79,7 +76,11 @@ Mozo::Application.routes.draw do
   #post '/user/reject_join_request' => 'user#reject_join_request'
   #post '/user/approve_join_request' => 'user#approve_join_request'
 
+  post '/user_app' => 'dashboard#user_app_log' #TODO: separate high speed app at log.mozo.bar
+  post '/user_feedback' => 'user#feedback'
+
   get '/user/obtain_token' => 'user#obtain_token', as: :user_obtain_token
+  post '/user/login' => 'user#login', as: :user_login
   #post '/user/obtain_token' => 'user#obtain_token', constraints: {format: :json}
   get '/close_window' => 'dashboard#close_window'
   namespace :users, path: '/user/api/v1' do