I'm using dbAuth for a project and one issue I encounter is that the username is not sanitized even if the sanitation middleware is active. For example, a user can input usernames with html tags such as <h1>bigname or <marquee>runningname</marquee> and this gets inserted to the database as-is. I'm using the sanitation middleware per basic example. Any idea how to sanitize username on registration?

SanitationMiddleware config

'middlewares'=>'sanitation,dbAuth,authorization',
'sanitation.tables'=>'all',
'sanitation.handler' => function ($operation, $tableName, $column, $value) {
	return is_string($value) ? strip_tags($value) : $value;
},

The middleware sanitizes/strips html tags from other inputs during updating but not on user creation.