diff --git a/apps/api/server/routes/api/users/index.post.ts b/apps/api/server/routes/api/users/index.post.ts
index b04f36edd..b6ee3d496 100644
--- a/apps/api/server/routes/api/users/index.post.ts
+++ b/apps/api/server/routes/api/users/index.post.ts
@@ -8,11 +8,16 @@ export default defineEventHandler(async (event) => {
     const username = user.username?.trim();
     const password = user.password?.trim();
     const {image, bio, demo} = user;
+    const regex = new RegExp("^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$");
 
     if (!email) {
         throw new HttpException(422, {errors: {email: ["can't be blank"]}});
     }
 
+    if(!regex.test(email)){
+        throw new HttpException(422, {errors : {email : ["must be a valid email address"]}});
+    }
+
     if (!username) {
         throw new HttpException(422, {errors: {username: ["can't be blank"]}});
     }