Can't log in if the email contains a dot #20
Description
If you sign up with an email with a dot (eg [email protected]), the dot is removed in usersController.validate before being saved to the database.
If you later try to log in with that email with a dot, since the email does not get sanitized in usersController.validate and thus the dot is not removed, the input email and the database email don't match, so you can't log in. The error flash message just says "Failed to login.".
If you add some code in usersController.authenticate you can see that the info param in passport.authenticate callback is "[IncorrectUsernameError]: Password or username is incorrect".
One option to fix this is to run the express-validator code in /users/login like is done in /users/create:
router.post(
'/users/login',
usersController.validate, // <-- add this
usersController.authenticate
)