Fix username case sensitivity and implement email login support

[Copilot]

This PR addresses the authentication flow issues by implementing case-insensitive username login and adding support for email-based authentication, while maintaining full backward compatibility.

Problem

The original authentication system had several limitations:

• Username login was case-sensitive, causing failed logins due to typing mistakes
• Users could only log in with usernames, not email addresses
• The username field's relevance was unclear in the user interface

Solution

Implemented a comprehensive authentication improvement with minimal code changes:

Backend Changes

• New Custom JWT Serializer (api/serializers/auth.py): Created CustomTokenObtainPairSerializer that extends SimpleJWT's functionality to support both username and email login with case-insensitive matching
• Enhanced Authentication Logic: Uses Django's __iexact lookup for case-insensitive matching on both username and email fields
• Automatic Input Detection: Determines whether input is an email (contains '@') or username automatically
• Security Preservation: Maintains all existing security features including login attempt tracking, account lockout, and IP logging

Frontend Changes

• Updated Login Form: Changed the input label from "Username" to "Username or Email" and updated the placeholder text accordingly

Technical Implementation

The solution uses Django's built-in case-insensitive lookup methods:

# Email lookup (case-insensitive)
user_obj = User.objects.get(email__iexact=username_or_email)

# Username lookup (case-insensitive) 
user_obj = User.objects.get(username__iexact=username_or_email)

Authentication Examples

All of these login methods now work seamlessly:

{"username": "johndoe", "password": "password123"}           // Traditional username
{"username": "JOHNDOE", "password": "password123"}           // Case-insensitive username
{"username": "john@example.com", "password": "password123"}  // Email login
{"username": "JOHN@EXAMPLE.COM", "password": "password123"}  // Case-insensitive email

Key Benefits

• ✅ Enhanced User Experience: Users can login with either username or email
• ✅ Case-Insensitive: No more failed logins due to caps lock or typing variations
• ✅ Backward Compatible: All existing usernames continue to work exactly as before
• ✅ Security Maintained: Preserves login attempt tracking, account lockout, and all security features
• ✅ Minimal Changes: Surgical modifications with no breaking changes

Screenshot

The login form now clearly indicates that both username and email are accepted:

The highlighted field shows the updated label "Username or Email" with the corresponding placeholder text.

Testing

Comprehensive testing confirms:

• Case-insensitive username matching works correctly
• Email-based authentication functions properly
• All existing security features remain intact
• Backward compatibility is preserved for all existing users

This implementation addresses the core authentication issues while keeping the username field relevant and maintaining the existing user experience.

Fixes #18.

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[Copilot]

@Jordonh18 👋 This repository doesn't have Copilot instructions. With Copilot instructions, I can understand the repository better, work faster and produce higher quality PRs.

I can generate a .github/copilot-instructions.md file for you automatically. Click here to open a pre-filled issue and assign it to me. I'll write the instructions, and then tag you for review.