diff --git a/.gitignore b/.gitignore
index 5ef9e2bb..ca6029aa 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,6 +6,7 @@
 
 # Ignore bundler config
 .bundle
+faye/ssl
 
 # Ignore the default SQLite database.
 /db/*.sqlite3
diff --git a/Procfile b/Procfile
index bb6ce271..f9d24066 100644
--- a/Procfile
+++ b/Procfile
@@ -7,4 +7,6 @@
 #counters: drb_counter/drb_counter.rb development
 #faye: thin start -R faye/config.ru -p 9296
 web: bundle exec rails s -p 3000 -b 0.0.0.0
+user: cd $MOZO_PATH_USER && ember server
+supplier: cd $MOZO_PATH_SUPPLIER && ember server
 #server: bundle exec rails s -e production
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index ec0b7013..c6c82650 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -16,7 +16,7 @@ class ApplicationController < ActionController::Base
 private
 
   def authenticate_employee!
-    if auth_token = params[:auth_token].presence
+    if auth_token = params[:auth_token].presence || request.headers['HTTP_AUTH_TOKEN'].presence
       raise CanCan::AccessDenied unless employee = Employee.find_by_authentication_token(auth_token)
       bypass_sign_in employee
     else
@@ -125,9 +125,9 @@ private
   end
   alias json_notice js_notice
 
-  def show_404
+  def show_404(options = {})
     respond_to do |format|
-      format.html { render 'dashboard/404', layout: true, status: 404}
+      format.html { render 'dashboard/404', options.reverse_merge(layout: true, status: 404)}
       format.json { render json: {ok: false}, status: 404 }
     end
   end
diff --git a/app/controllers/supplier_controller.rb b/app/controllers/supplier_controller.rb
index 6ca7fe31..95183878 100644
--- a/app/controllers/supplier_controller.rb
+++ b/app/controllers/supplier_controller.rb
@@ -1,8 +1,7 @@
 class SupplierController < Suppliers::ApplicationController
   def home
     if Rails.env.development?
-      binding.pry
-      redirecto_to "http://localhost:4202/supplier#{params[:other]}"
+      redirect_to "http://localhost:4202/supplier/#{params[:other]}"
     else
       render html: File.read(Rails.root.join('public/supplier/index.html'))
     end
diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb
index 05855b35..580f9091 100644
--- a/app/controllers/users/omniauth_callbacks_controller.rb
+++ b/app/controllers/users/omniauth_callbacks_controller.rb
@@ -25,7 +25,6 @@ class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
   end
 
   def failure(env = {})
-    #binding.pry
-    show_404
+    show_404 alert: "There was a problem authorizing and identifier the user"
   end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index 41c52b33..b390efb4 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -26,16 +26,18 @@ class User
   validates_uniqueness_of :email
   before_save :ensure_authentication_token
 
-  has_many :error_logs
+  #has_many :error_logs
   has_many :user_feedbacks
 
   view :by_authentication_token, key: :authentication_token
   view :by_email, key: :email
-  view :by_facebook, key: [:provider, :uid] #DEPRICATE on successful change to by_provider
-  view :by_provider, key: [:provider, :uid]
+  #view :by_facebook, key: [:provider, :uid] #DEPRICATE on successful change to by_provider
+  #view :by_provider, key: [:provider, :uid]
+  view :by_provider_and_uid, key: [:provider, :uid]
 
   def self.find_for_oauth(auth_data, user)
-    user = database.view(self.by_provider(key: [auth_data.provider, auth_data.uid], limit: 1)).first
+    #user = database.view(self.by_provider(key: [auth_data.provider, auth_data.uid], limit: 1)).first
+    user = find_by_provider_and_uid(auth_data.provider, auth_data.uid)
 
     user || create(
       provider: auth_data.provider,
diff --git a/app/views/dashboard/scan.html.slim b/app/views/dashboard/scan.html.slim
new file mode 100644
index 00000000..06c09b03
--- /dev/null
+++ b/app/views/dashboard/scan.html.slim
@@ -0,0 +1,3 @@
+h1 QR Scan landing page
+p |
+    You are
diff --git a/app/views/theme1/_footer.html.slim b/app/views/theme1/_footer.html.slim
index 8a4e536f..e747f65b 100644
--- a/app/views/theme1/_footer.html.slim
+++ b/app/views/theme1/_footer.html.slim
@@ -11,4 +11,6 @@
       '
       = link_to 'contact', main_app.page_path('contact', locale: 'en')
       .clearfix
-    .footer-bottom &copy; mozo.bar 2019
+    .footer-bottom
+      span &copy; mozo.bar 
+      span= Date.today.year
diff --git a/config/application.rb b/config/application.rb
index 9d3e81a9..936f5448 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -298,7 +298,7 @@ module Qwaiter
 
     config.middleware.insert_before 0, Rack::Cors do
       allow do
-        origins '*'
+        origins 'localhost', 'supplier.mozo.local', 'user.mozo.local'
         #resource '/user/*', :headers => '*', :methods => '*' #[:get, :post, :options]
         resource '*', headers: :any, methods: [:get, :post, :put, :patch, :delete, :options]
       end
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 58abf1e7..f8bd23a1 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -252,11 +252,13 @@ Devise.setup do |config|
     # config.omniauth :facebook, "505160086210072", "fcc474a3fb13c6bcc0f7c83a92ad1b17",
     #   scope: 'email,user_birthday,publish_actions'
     config.omniauth :facebook, "653729178057509", "d4cea86f70803f1b75ed03c506a4d78e",
-      scope: 'email,user_birthday,user_gender,user_hometown,user_link,user_location'
+      scope: 'email,user_birthday,user_gender,user_hometown,user_link,user_location',
+      provider_ignores_state: true
     config.omniauth :instagram, "cd7bdfbee825499b94fb3783d1bc143b", "6b4f9ecf251c462993a696eebc0189be"
   else
     config.omniauth :facebook, "168928633304849", "22bc53e1a390c1e62d004195c55fe336",
-      scope: 'email,user_birthday,user_gender,user_hometown,user_link,user_location'
+      scope: 'email,user_birthday,user_gender,user_hometown,user_link,user_location',
+      provider_ignores_state: true
     config.omniauth :instagram, "81c78b969a7046d6b6b5b5fe3f30929c", "3697c16762ad4f1ca088e829efbaddde"
   end
 
diff --git a/config/initializers/mozo_settings.rb b/config/initializers/mozo_settings.rb
index fda87bb2..f8833ea4 100644
--- a/config/initializers/mozo_settings.rb
+++ b/config/initializers/mozo_settings.rb
@@ -1,4 +1,9 @@
-Qwaiter.event_host = "http://#{(Rails.env.development? or Rails.env.test?) ? ENV['MOZO_LOCAL_IP'] || 'localhost' : 'events.mozo.bar'}:9296/faye"
+if Rails.env.development?
+  Qwaiter.event_host = "https://events.mozo.local:9296/faye"
+else
+  Qwaiter.event_host = "https://events.mozo.bar:9296/faye"
+end
+
 Qwaiter.broadcaster = Qwaiter::Broadcaster::Faye.new
 
 # use the connection from couchbase-structures/documents
diff --git a/config/routes.rb b/config/routes.rb
index bb5767e7..30b89d2f 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -108,7 +108,7 @@ Qwaiter::Application.routes.draw do
   end
 
 
-  #get '/s' => 'dashboard#scan', as: :scan
+  get '/s' => 'dashboard#scan', as: :scan
 
   # DEVELOPMENT ONLY
   get '/qr' => 'dashboard#qr'
@@ -203,13 +203,16 @@ Qwaiter::Application.routes.draw do
 
   mount Cmtool::Engine => '/cmtool'
 
+  # NOTE: tried to do the following 2 matchers in 1 like get '/supplier*other', but did not work, so better safe then sorry and use 2
+  get '/supplier' => 'supplier#home', as: :supplier_root
+  get '/supplier/*other' => 'supplier#home'
+
   # /nl is not matched to pages#home with locale => nl
   get '/:locale' => 'pages#home', constraints: {locale: ALLOWED_LOCALES}, as: :go_to_locale
   get '/sitemap(.:format)' => 'pages#sitemap'
   #devise_scope :supplier do
     #get '/:locale/suppliers/sign_up' => 'registrations#new', constraints: {locale: ALLOWED_LOCALES}
   #end
-  get '/supplier*other' => 'supplier#home', as: :supplier_root
   scope '(/:locale)', constraints: {locale: ALLOWED_LOCALES}, defaults: { locale: Rails.application.config.i18n.default_locale.to_s } do
     root to: 'pages#home'
     resources :contact_forms, only: [:create]
diff --git a/faye/Dockerfile b/faye/Dockerfile
index e1b42e07..da188670 100644
--- a/faye/Dockerfile
+++ b/faye/Dockerfile
@@ -36,5 +36,6 @@ COPY ./faye /usr/src/app
 
 ENV FAYE_PORT=9296
 EXPOSE $FAYE_PORT
-CMD thin start -R config.ru -p $FAYE_PORT
+#CMD thin start -R config.ru -p $FAYE_PORT
+CMD thin start -R config.ru -p $FAYE_PORT --ssl --ssl-key-file=ssl/privkey.pem --ssl-cert-file=ssl/fullchain.pem
 
diff --git a/faye/rebuild-docker.sh b/faye/rebuild-docker.sh
index 9471950c..2787b3b3 100755
--- a/faye/rebuild-docker.sh
+++ b/faye/rebuild-docker.sh
@@ -2,14 +2,22 @@
 # This script rebuilds the whole environment and starts a new container
 
 # 1. ensure this script is run from the project's root, not the faye directory
-pwd_dirname=$(basename $(pwd));
-script_dirname="faye";
+pwd_dirname=$(basename $(pwd))
+script_dirname="faye"
+certs_dir="/etc/letsencrypt/live/mozo.bar"
+#certs_dir="/home/benjamin/mozo/mozo-user/ssl"
 if [ "$pwd_dirname" == "$script_dirname" ]; then
   echo "PWD DIRNAME: "$pwd_dirname;
   echo "You must run this script from the project's root dir (../) for the Dockerfile to have access to the configs to COPY";
   exit 1;
 fi
 
+if [ -d "$certs_dir" ]; then
+  echo "Found certificates directory, copy it to local for inclusion in the docker build"
+  rm -rf $script_dirname/ssl
+  cp -r $certs_dir $script_dirname/ssl
+fi
+
 # 2. stop and remove all running/existing containers
 docker rm $(docker stop $(docker ps -a -q --filter ancestor=mozo_faye))