diff --git a/backend/app/api/v1/auth.py b/backend/app/api/v1/auth.py
index 0a14497..c757b92 100644
--- a/backend/app/api/v1/auth.py
+++ b/backend/app/api/v1/auth.py
@@ -56,13 +56,17 @@ async def register(data: RegisterRequest, db: AsyncSession = Depends(get_db)):
 
 @router.post("/login", response_model=LoginResponse)
 async def login(
-    form: OAuth2PasswordRequestForm = Depends(),
+    data: dict,
     db: AsyncSession = Depends(get_db),
 ):
-    result = await db.execute(select(User).where(User.phone == form.username))
+    phone = data.get("username") or data.get("phone")
+    password = data.get("password")
+    if not phone or not password:
+        raise HTTPException(status_code=422, detail="phone and password required")
+    result = await db.execute(select(User).where(User.phone == phone))
     user = result.scalar_one_or_none()
 
-    if not user or not verify_password(form.password, user.password_hash):
+    if not user or not verify_password(password, user.password_hash):
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail="Invalid credentials",