fix: add input validation for check_type in duplicate check #3967

Open
Nixxx19 wants to merge 1 commit into processing:develop from Nixxx19:nityam/fix-duplicate-check-validation
Nixxx19 (Contributor) commented Mar 3, 2026

Issue:

Fixes #3906

The duplicateUserCheck endpoint was using req.query.check_type directly without validation, allowing it to be used as both a property key (req.query[checkType]) and as valueType for findByEmailOrUsername. This vulnerability could lead to prototype pollution attacks if malicious values like check_type=__proto__ or check_type=constructor were sent, potentially causing unexpected behavior or security issues.

Changes:

Added input validation for check_type:

  • Created a whitelist of allowed values: ['email', 'username']
  • Validates that check_type is exactly one of the allowed values before processing
  • Returns 400 error with clear message: "Invalid check_type. Must be either "email" or "username"." for invalid values
  • Prevents prototype pollution by validating before using checkType as a property key

Added value validation:

  • Validates that the corresponding value (email or username) exists in the query
  • Ensures the value is a non-empty string after trimming
  • Returns 400 error: "Missing or invalid {checkType} value." if validation fails

Security improvements:

  • Prevents unsafe property access that could lead to prototype pollution
  • Uses TypeScript as const for type safety
  • Early validation prevents malicious inputs from reaching the database query

Files changed:

  • server/controllers/user.controller/signup.ts: Added validation logic to duplicateUserCheck function

I have verified that this pull request:

  • has no linting errors (npm run lint)
  • has no test errors (npm run test)
  • has no typecheck errors (npm run typecheck)
  • is from a uniquely-named feature branch and is up to date with the develop branch.
  • is descriptively named and links to an issue number, i.e. Fixes #3906
  • meets the standards outlined in the accessibility guidelines
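
A sketch of the validation described in this pull request, added here as an example and not taken from the PR's diff: the names `unsafeLookup`, `validateDuplicateCheck`, `Query` and `Result` are hypothetical, and the own-property check is an extra hardening step the description does not list. It also shows what the unvalidated key lookup returns for `constructor` and `__proto__` on a plain query object.

```typescript
// Added example; all names here are hypothetical, not from signup.ts.
const ALLOWED_CHECK_TYPES = ['email', 'username'] as const;
type CheckType = (typeof ALLOWED_CHECK_TYPES)[number];
type Query = Record<string, unknown>; // stand-in for a parsed query object

type Result =
  | { ok: true; checkType: CheckType; value: string }
  | { ok: false; status: 400; message: string };

// "Before" behaviour as the description states it: check_type used directly as a key.
function unsafeLookup(query: Query): unknown {
  const checkType = query.check_type as string;
  // For keys such as "constructor" this resolves an inherited member, not user data.
  return query[checkType];
}

// Type guard: only an exact string match against the allowlist passes,
// so arrays and objects from repeated or nested query parameters are rejected.
function isCheckType(v: unknown): v is CheckType {
  return typeof v === 'string' &&
    (ALLOWED_CHECK_TYPES as readonly string[]).indexOf(v) !== -1;
}

function validateDuplicateCheck(query: Query): Result {
  const checkType = query.check_type;
  if (!isCheckType(checkType)) {
    return { ok: false, status: 400,
      message: 'Invalid check_type. Must be either "email" or "username".' };
  }
  // Assumption: read own properties only, so inherited members never count as the value.
  const raw = Object.prototype.hasOwnProperty.call(query, checkType)
    ? query[checkType]
    : undefined;
  if (typeof raw !== 'string' || raw.trim() === '') {
    return { ok: false, status: 400, message: `Missing or invalid ${checkType} value.` };
  }
  return { ok: true, checkType, value: raw };
}
```
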


Development

Successfully merging this pull request may close these issues.

Duplicate user check: missing input validation for check_type
