From 66c27c84f8d4a2f0cd1d0f963f3380778bfb230a Mon Sep 17 00:00:00 2001 From: ppigazzini Date: Mon, 2 Feb 2026 01:02:27 +0100 Subject: [PATCH] fix(auth): strip login credentials Normalize username and password inputs during login to avoid whitespace-related auth failures. --- server/fishtest/views.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/server/fishtest/views.py b/server/fishtest/views.py index 982ef21624..3b40ee8951 100644 --- a/server/fishtest/views.py +++ b/server/fishtest/views.py @@ -166,8 +166,8 @@ def login(request): came_from = request.params.get("came_from", referrer) if request.method == "POST": - username = request.POST.get("username") - password = request.POST.get("password") + username = request.POST.get("username", "").strip() + password = request.POST.get("password", "").strip() token = request.userdb.authenticate(username, password) if "error" not in token: if request.POST.get("stay_logged_in"):