diff --git a/backend/Api/Controllers/DeviceController.cs b/backend/Api/Controllers/DeviceController.cs
index a824e13..fa22807 100644
--- a/backend/Api/Controllers/DeviceController.cs
+++ b/backend/Api/Controllers/DeviceController.cs
@@ -6,7 +6,7 @@ using Microsoft.AspNetCore.Authorization;
 namespace Api.Controllers
 {
     [ApiController]
-    [Route("[controller]")]
+    [Route("api/[controller]")]
     public class DeviceController : Controller
     {
         private readonly DBContext _context;
diff --git a/backend/Api/Controllers/HealthController.cs b/backend/Api/Controllers/HealthController.cs
index 8f9354f..ed1c236 100644
--- a/backend/Api/Controllers/HealthController.cs
+++ b/backend/Api/Controllers/HealthController.cs
@@ -3,7 +3,7 @@
 namespace Api.Controllers
 {
     [ApiController]
-    [Route("[controller]")]
+    [Route("api/[controller]")]
     public class HealthController : Controller
     {
         [HttpGet]
diff --git a/backend/Api/Controllers/UserController.cs b/backend/Api/Controllers/UserController.cs
index 790cab3..ada32de 100644
--- a/backend/Api/Controllers/UserController.cs
+++ b/backend/Api/Controllers/UserController.cs
@@ -10,7 +10,7 @@ using Microsoft.AspNetCore.Authorization;
 namespace Api.Controllers
 {
     [ApiController]
-    [Route("[controller]")]
+    [Route("api/[controller]")]
     public class UserController : Controller
     {
         private readonly DBContext _context;
@@ -23,10 +23,10 @@ namespace Api.Controllers
         }
 
         [HttpPost("Login")]
-        public async Task<IActionResult> Login([FromBody] User user)
+        public async Task<IActionResult> Login([FromBody] Login login)
         {
             DbAccess dBAccess = new DbAccess(_context);
-            user = await dBAccess.Login(user);
+            var user = await dBAccess.Login(login);
             if (user.Id == 0) { return Unauthorized(new { error = "Invalid username or password" }); }
             var token = GenerateJwtToken(user);
             return Ok(new { token, user.UserName, user.Id });
diff --git a/backend/Api/DBAccess/DBAccess.cs b/backend/Api/DBAccess/DBAccess.cs
index 142ee8f..4edaa5a 100644
--- a/backend/Api/DBAccess/DBAccess.cs
+++ b/backend/Api/DBAccess/DBAccess.cs
@@ -41,19 +41,25 @@ namespace Api.DBAccess
             return await _context.SaveChangesAsync() == 1;
         }
 
-        public async Task<User> Login(User user)
+        public async Task<User> Login(Login login)
         {
-            var profile = await _context.Users.FirstAsync(u => u.UserName == user.UserName);
-            if (profile == null)
+            User user = new User();
+            if (!login.EmailOrUsrn.Contains("@"))
             {
-                profile = await _context.Users.FirstAsync(u => u.Email == user.Email);
+                user = await _context.Users.FirstAsync(u => u.UserName == login.EmailOrUsrn);
+            }
+            else
+            {
+                user = await _context.Users.FirstAsync(u => u.Email == login.EmailOrUsrn);
             }
 
-            string hashedPassword = ComputeHash(user.Password, SHA256.Create(), profile.Salt);
+            if (user == null) { return new User(); }
+
+            string hashedPassword = ComputeHash(user.Password, SHA256.Create(), user.Salt);
 
             if (hashedPassword == user.Password)
             {
-                return profile;
+                return user;
             }
             return new User();
         }
diff --git a/backend/Api/Models/Login.cs b/backend/Api/Models/Login.cs
index 3944394..809fd22 100644
--- a/backend/Api/Models/Login.cs
+++ b/backend/Api/Models/Login.cs
@@ -2,7 +2,7 @@
 {
     public class Login
     {
-        public string Login { get; set; }
+        public string EmailOrUsrn { get; set; }
 
         public string Password { get; set; }
     }