diff --git a/l2pauth.py b/l2pauth.py
index e0ef7e09700449609cb11cce8591ade9cfe4e792..f1f1064e514dbd8d672c59f49129f445db92115a 100644
--- a/l2pauth.py
+++ b/l2pauth.py
@@ -1,7 +1,5 @@
 from server import *
 import requests
-import json
-from time import sleep
 
 L2P_BASE = 'https://www3.elearning.rwth-aachen.de/_vti_bin/l2pservices/api.svc/v1/'
 OAUTH_BASE = 'https://oauth.campus.rwth-aachen.de/oauth2waitress/oauth2.svc/'
@@ -19,24 +17,32 @@ def oauthget(endpoint, **args):
 @app.route('/l2pauth')
 def start_l2pauth():
 	code = oauthget('code', scope='l2p2013.rwth')
-	session['l2p_oauthcode'] = code['device_code']
+	session['oauthcode'] = code['device_code']
+	session['oauthscope'] = 'l2p'
 	return redirect(code['verification_url']+'?q=verify&d='+code['user_code'])
 
-@app.route('/l2p')
-def test_l2pauth():
-	return str(session.get('l2p_courses', {}))
+@app.route('/rwthauth')
+def start_rwthauth():
+	code = oauthget('code', scope='userinfo.rwth')
+	session['oauthcode'] = code['device_code']
+	session['oauthscope'] = 'rwth'
+	return redirect(code['verification_url']+'?q=verify&d='+code['user_code'])
 
 @app.before_request
 def finish_oauth():
-	if 'l2p_oauthcode' not in session:
+	if 'oauthcode' not in session or 'oauthscope' not in session:
 		return
-	token = oauthget('token', code=session['l2p_oauthcode'], grant_type='device')
+	token = oauthget('token', code=session['oauthcode'], grant_type='device')
 	if token.get('status') != 'ok':
 		return
-	del session['l2p_oauthcode']
+	del session['oauthcode']
+	if session['oauthscope'] not in ['l2p', 'rwth']:
+		return
 	session['rwthintern'] = True
-	session['l2p_courses'] = []
-	for course in l2pget('viewAllCourseInfo', token['access_token'])['dataSet']:
-		session['l2p_courses'].append(course['uniqueid'])
+	if session['oauthscope'] == 'l2p':
+		session['l2p_courses'] = []
+		for course in l2pget('viewAllCourseInfo', token['access_token'])['dataSet']:
+			session['l2p_courses'].append(course['uniqueid'])
+		flash('Folgende Kurse wurden freigegeben: '+', '.join(session['l2p_courses']))
+	del session['oauthscope']
 	oauthget('token', refresh_token=token['refresh_token'], grant_type='invalidate')
-	flash('Folgende Kurse wurden freigegeben: '+', '.join(session['l2p_courses']))