From f6005b8c70838421bf975aa876cbfde79b628bed Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Omar=20L=C3=B3pez?= <zomars@me.com>
Date: Fri, 17 Sep 2021 17:08:02 -0600
Subject: [PATCH] [CAL-409] Prevents usernames with special characters (#668)

---
 lib/slugify.ts           |  2 +-
 pages/api/auth/signup.ts | 11 +++++++----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/lib/slugify.ts b/lib/slugify.ts
index a0a530ef6c..c6fba1f4f0 100644
--- a/lib/slugify.ts
+++ b/lib/slugify.ts
@@ -1,5 +1,5 @@
 export const slugify = (str: string) => {
-  return str.replace(/\s+/g, "-").toLowerCase();
+  return str.replace(/[^a-zA-Z0-9-]/g, "-").toLowerCase();
 };
 
 export default slugify;
diff --git a/pages/api/auth/signup.ts b/pages/api/auth/signup.ts
index c0d8ddcf68..476bd60df1 100644
--- a/pages/api/auth/signup.ts
+++ b/pages/api/auth/signup.ts
@@ -1,13 +1,16 @@
-import prisma from "../../../lib/prisma";
-import { hashPassword } from "../../../lib/auth";
+import { hashPassword } from "@lib/auth";
+import prisma from "@lib/prisma";
+import slugify from "@lib/slugify";
+import { NextApiRequest, NextApiResponse } from "next";
 
-export default async function handler(req, res) {
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
   if (req.method !== "POST") {
     return;
   }
 
   const data = req.body;
-  const { username, email, password } = data;
+  const { email, password } = data;
+  const username = slugify(data.username);
 
   if (!username) {
     res.status(422).json({ message: "Invalid username" });