fix: allow users to login using their email

Signed-off-by: Kevin Morris <kevr@0cost.org>

aurweb/routers/auth.py

@@ -2,6 +2,7 @@ from http import HTTPStatus
 
 from fastapi import APIRouter, Form, HTTPException, Request
 from fastapi.responses import HTMLResponse, RedirectResponse
+from sqlalchemy import or_
 
 import aurweb.config
 
@@ -43,7 +44,9 @@ async def login_post(request: Request,
         raise HTTPException(status_code=HTTPStatus.BAD_REQUEST,
                             detail=_("Bad Referer header."))
 
-    user = db.query(User).filter(User.Username == user).first()
+    user = db.query(User).filter(
+        or_(User.Username == user, User.Email == user)
+    ).first()
     if not user:
         return await login_template(request, next,
                                     errors=["Bad username or password."])

test/test_auth_routes.py

@@ -79,6 +79,20 @@ def test_login_logout(client: TestClient, user: User):
     assert "AURSID" not in response.cookies
 
 
+def test_login_email(client: TestClient, user: user):
+    post_data = {
+        "user": user.Email,
+        "passwd": "testPassword",
+        "next": "/"
+    }
+
+    with client as request:
+        resp = request.post("/login", data=post_data,
+                            allow_redirects=False)
+    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
+    assert "AURSID" in resp.cookies
+
+
 def mock_getboolean(a, b):
     if a == "options" and b == "disable_http_login":
         return True