From 0fc3f1a14b6a452de8c3f24f6412e17e02200411 Mon Sep 17 00:00:00 2001
From: Kyle Pope <kyle.a.pope@outlook.com>
Date: Fri, 27 Feb 2026 08:03:25 +0800
Subject: [PATCH] Allow dots in usernames (e.g. user.test)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Added . to the username character whitelist regex. No security
reason to exclude it — dots are standard in usernames.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 backend/app/schemas/auth.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/backend/app/schemas/auth.py b/backend/app/schemas/auth.py
index 41de744..ccfcf74 100644
--- a/backend/app/schemas/auth.py
+++ b/backend/app/schemas/auth.py
@@ -26,8 +26,8 @@ def _validate_username(v: str) -> str:
     v = v.strip().lower()
     if not 3 <= len(v) <= 50:
         raise ValueError("Username must be 3–50 characters")
-    if not re.fullmatch(r"[a-z0-9_\-]+", v):
-        raise ValueError("Username may only contain letters, numbers, _ and -")
+    if not re.fullmatch(r"[a-z0-9_.\-]+", v):
+        raise ValueError("Username may only contain letters, numbers, _ . and -")
     return v