edited230126

2026-01-23 18:07:29 +01:00
parent 32312fe4f2
commit 138136e835
18 changed files with 1354 additions and 283 deletions
--- a/app/routes/auth.py
+++ b/app/routes/auth.py
@@ -173,12 +173,12 @@ def login():

@bp.post("/login")
 def login_post():
-    username = request.form.get("username", "").strip()
+    email = (request.form.get("email", "") or "").strip().lower()
    password = request.form.get("password", "")

-    user = User.query.filter_by(username=username).first()
+    user = User.query.filter_by(email=email).first()
    if not user or not user.check_password(password):
-        flash("Invalid username/password", "danger")
+        flash("Invalid email/password", "danger")
        return redirect(url_for("auth.login"))

    # clear impersonation marker, if any