Ensure email is given on login

simple-login · Oct 9, 2024 · 0bb8d89 · 0bb8d89
1 parent 48dce3a
commit 0bb8d89
Showing 1 changed file with 6 additions and 2 deletions.
diff --git a/app/api/views/auth.py b/app/api/views/auth.py
@@ -52,8 +52,12 @@ def auth_login():
  password = data.get("password")
  device = data.get("device")
 
- email = sanitize_email(data.get("email"))
- canonical_email = canonicalize_email(data.get("email"))
+ email = data.get("email")
+ if not email:
+ LoginEvent(LoginEvent.ActionType.failed, LoginEvent.Source.api).send()
+ return jsonify(error="Email or password incorrect"), 400
+ email = sanitize_email(email)
+ canonical_email = canonicalize_email(email)
 
  user = User.get_by(email=email) or User.get_by(email=canonical_email)