diff --git a/controllers/auth/auth.js b/controllers/auth/auth.js
index b5ca7a5..9709901 100644
--- a/controllers/auth/auth.js
+++ b/controllers/auth/auth.js
@@ -692,10 +692,10 @@ export const registerStudentForAdmin = async (req, res) => {
 };
 
 export const loginUser = async (req, res) => {
-  const { EMAIL, PASSWORD } = req.body;
+  const { IDENTIFIER, PASSWORD } = req.body;
 
-  if (!EMAIL) {
-    return response(400, null, "Email is required!", res);
+  if (!IDENTIFIER) {
+    return response(400, null, "Identifier (Email or NISN) is required!", res);
   }
 
   if (!PASSWORD) {
@@ -703,7 +703,22 @@ export const loginUser = async (req, res) => {
   }
 
   try {
-    const user = await models.User.findOne({ where: { EMAIL } });
+    let user;
+
+    if (IDENTIFIER.includes("@")) {
+      user = await models.User.findOne({ where: { EMAIL: IDENTIFIER } });
+    } else {
+      const student = await models.Student.findOne({
+        where: { NISN: IDENTIFIER },
+        include: [
+          {
+            model: models.User,
+            as: "studentUser",
+          },
+        ],
+      });
+      user = student?.studentUser;
+    }
 
     if (!user) {
       return response(404, null, "User data not found!", res);
@@ -713,7 +728,7 @@ export const loginUser = async (req, res) => {
       return response(
         403,
         null,
-        "User is not validated! Please verify your email first.",
+        "User is not validated! Please verify via email first.",
         res
       );
     }