From a3cce1737869838abaeac1c738cad9f9be2d5e68 Mon Sep 17 00:00:00 2001
From: KanhaiyaPandey
Date: Sat, 28 Feb 2026 17:27:28 +0530
Subject: [PATCH] fix(signup): validate check_type in duplicateUserCheck to prevent misuse
---
 server/controllers/user.controller/signup.ts | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/server/controllers/user.controller/signup.ts b/server/controllers/user.controller/signup.ts
index 4aabd9df0e..907c71a4c7 100644
--- a/server/controllers/user.controller/signup.ts
+++ b/server/controllers/user.controller/signup.ts
@@ -96,7 +96,14 @@ export const duplicateUserCheck: RequestHandler<
 DuplicateUserCheckQuery
 > = async (req, res) => {
 const checkType = req.query.check_type;
- const value = req.query[checkType];
+
+ if (checkType !== 'email' && checkType !== 'username') {
+ return res
+ .status(400)
+ .json({ error: 'Invalid check_type. Must be email or username.' });
+ }
+
+ const value = checkType === 'email' ? req.query.email : req.query.username;
 const options = { caseInsensitive: true, valueType: checkType };
 const user = await User.findByEmailOrUsername(value!, options);
 if (user) {
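Review bot: The looked-up value itself is still unchecked: `value!` on the `findByEmailOrUsername` call only silences the compiler, so a request with a valid `check_type` but no matching `email`/`username` parameter passes `undefined` to the model. Depending on how the query parser is configured, a parameter can also arrive as an array or object rather than a string, and how `findByEmailOrUsername` handles a non-string is not visible in this hunk. I would add a guard right after the ternary, `if (typeof value !== 'string') { return res.status(400).json({ error: 'Missing or invalid value.' }); }`, and then drop the `!`. The handler body continues past the end of the hunk, so the response paths after `if (user) {` are not covered by this note.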