diff --git a/app/routes/users.py b/app/routes/users.py
index 3194e66..3085334 100644
--- a/app/routes/users.py
+++ b/app/routes/users.py
@@ -24,10 +24,12 @@ def log_in():
 @bp.post('/log-in')
 @redirect_if_logged_in()
 def log_in_post():
- user = Users.find({'username': request.form['username']})
+ username = request.form.get('username', default='').lower()
+ user = Users.find({'username': username})
 if not user:
 return redirect(url_for('.log_in', error='The username or password you entered is incorrect.'))
- if not verify(user.password_hash, request.form['password']):
+ password = request.form.get('password', default='')
+ if not verify(user.password_hash, password):
 return redirect(url_for('.log_in', error='The username or password you entered is incorrect.'))
 session['remember'] = request.form.get('remember') == 'on'
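Review bot: The `if not user:` branch still returns before `verify()` is called, so although both failures show the same message, a request for an unknown username probably completes noticeably faster than one for a known username with a wrong password (assuming `verify` is a deliberately slow password-hash check), and account existence can be inferred from response time. Consider always doing the hash work, e.g. `ok = verify(user.password_hash if user else DUMMY_HASH, password)` followed by a single `if not user or not ok:` return, where `DUMMY_HASH` is a placeholder for a module-level constant produced with the same hashing parameters. Separately, the added `.lower()` only matches accounts whose stored username was lower-cased the same way at sign-up; that code is not in this hunk, so confirm it and ideally route both paths through one shared normalisation helper. The body of `log_in_post` continues past the end of the hunk.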