How do I make a custom login form for Omniauth with Devise?

Question

I am using Omniauth as my only authentication, there is no :database_authentication on my model. I want to login through Atlassian Crowd using this gem: https://github.com/robdimarco/omniauth_crowd

That gem uses the standard Crowd login form, which I don't want. I want to make a custom form that acts the same way, but takes place of the login page entirely (no "Sign in with Crowd") or anything like that, just a form that logs into Crowd.

To do this, I've added this option to my config.omniauth line in devise.rb:

:form => Devise::SessionsController.actions(:new)

Which, from what I can see online, will use that Rack endpoint to display a custom form. I've changed the html in app/views/devise/sessions/new.html.erb to new.html.haml, which contains this form:

= simple_form_for @user, :url => user_omniauth_authorize_path(:crowd) do |f|
  = f.input :username, :input_html => { :name => 'username' }
  = f.input :password, :input_html => { :name => 'password' }
  = f.button :submit

Which I am hoping with mimic the default OmniAuth form. The problem is that when I visit users/auth/crowd with the :form options in my devise.rb, I get the error:

Could not find devise mapping for path "/users/auth/crowd".

Is there a way to provide a custom form for OmniAuth like this, when using Devise?

edit: Here are the routes:

devise_for :users, :controllers => { :omniauth_callbacks => 'users/omniauth' } do
  get 'login', :to => 'devise/sessions#new', :as => :new_user_session
  get 'logout', :to => 'devise/sessions#destroy', :as => :destroy_user_session
end

devise_scope :user do
  get '/users/auth/:provider', :to => 'users/omniauth#passthru'
  match '/users/auth/failure', :to => 'users/omniauth#failure'
end

resources :users

I've tried several things here, but nothing I've tried has worked.

Answer 1

I know this might be late, but I needed to do the same thing and maybe this will help someone else in the future. In my case, I was developing an internal application that needed to use the same accounts as the ones on our own crowd server. No sort of security concerns as far as I'm aware of since we are only talking to our own internal crowd server. I wanted to style the login page to match the aesthetics of the application.

When adding the omniauth_crowd gem and after configuring it with Devise, you should have a route that looks like this:

user_omniauth_authorize    GET|POST    /users/auth/:provider(.:format)    authentication#passthru {:provider=>/crowd/}

All I had to do was create a custom devise session form that mimics how the default omniauth_crowd one works. Basically it just POSTs a username and password param to your server. Creating custom devise views is described at https://github.com/plataformatec/devise#configuring-views

My form looks like this:

<%= form_tag user_omniauth_authorize_path(:crowd) do %>
  <div><%= label_tag :username, "Username" %><br />
  <%= text_field_tag :username %></div>

  <div><%= label_tag :password, "Password" %><br />
  <%= password_field_tag :password %></div>

  <div><%= submit_tag "Sign in" %></div>
<% end %>

Answer 2

I perfectly understand what you are trying to do. But there are many reasons because of which I would advise you to refrain from doing it. As

1. The basic concept of omniauth is that people can trust that they are logging in from a website they are familiar with.
2. If you remove that page and add your own page then the user may believe that you have some malicious reasons to do the same.

I don't have enough repo to comment that is why I wrote this as an answer