Potential fix for code scanning alert no. 1: Database query built from user-controlled sources

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

Author: Nec0ti

routes/auth.js

@@ -8,7 +8,7 @@ router.post('/register', async (req, res) => {
   try {
     const { username, password } = req.body;
 
-    const existingUser = await User.findOne({ username });
+    const existingUser = await User.findOne({ username: { $eq: username } });
     if (existingUser) {
       return res.status(400).json({ message: 'Username is in use' });
     }