fix: Move Identity Validation to Backend for Consistent Enforcement (Settings > Identities and Add Server Modal)#1170
Open
eduardomozart wants to merge 10 commits intognmyt:mainfrom
Open
fix: Move Identity Validation to Backend for Consistent Enforcement (Settings > Identities and Add Server Modal)#1170eduardomozart wants to merge 10 commits intognmyt:mainfrom
eduardomozart wants to merge 10 commits intognmyt:mainfrom
Conversation
added 3 commits
February 24, 2026 12:48
Move identity input validation to the server and adjust client error handling. Client: removed redundant client-side name/password/ssh checks from IdentityDialog and updated ServerDialog error to call t(error.message) so server message keys are localized. Server: added validation block in controllers/identity.js that returns i18n message keys for missing/invalid fields, and allowed empty passphrase in server/validations/identity.js (passphrase: Joi.string().allow("").optional()). This centralizes validation and ensures consistent, translatable error messages.
eduardomozart
changed the title
added 2 commits
February 24, 2026 18:06
Make identity username required across client and server. UI: remove '(optional)' from placeholder, add required attribute to the username input, and add i18n message 'usernameRequired'. Server: add controller check returning 400 when username is blank and make username required in Joi create/update validations.
eduardomozart
changed the title
Replace manual null/empty checks with optional chaining (e.g. config.name?.trim()) for name, username, and password validations in createIdentity. This makes the checks safer and more concise when properties may be undefined or null, while preserving the existing validation logic and error responses (including password checks for specific identity types).
eduardomozart
changed the title
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
📋 Description
This PR relocates identity validation rules from the frontend to the backend. Previously, client-side validation was not always enforced when creating new identities (especially via the "Add Server" modal's Identities tab), resulting in inconsistent validation and potential bypasses. Backend validation now ensures that all identity creation and update operations uniformly check required fields.
🚀 Changes made to ...
🔧 Server
🖥️ Client
📚 Documentation
🔄 Other: ___
Added comprehensive identity validation to
server/controllers/identity.js.usernameis now strictly required for both password and SSH key login types. A username is strictly required for both password and SSH key login types, in line with SSH protocol conventions and server requirements, since all SSH servers require a username for authentication. SSH private keys themselves do not contain any username data; the username is always provided separately during connection establishment.sshKey,username) are marked as optional in the shared validation schemas (such as inserver/validations/identity.js) to avoid producing non-specific or confusing error messages. Instead, these rules are enforced inserver/controllers/identity.js, where backend-specific messages tailored to the context of the failed validation can be provided and surfaced clearly to the frontend.Error messages from backend validation surface to the frontend, allowing clear user feedback in all UI flows.
Cleaned up or simplified redundant frontend validation and ensured the backend handles all required checks.
Motivation
Moving validation to the backend guarantees consistent enforcement of rules across all UI flows (Settings > Identities page and New Server Connection modal) and API usage.
Tests
Tested both on:
Settings > Identities page
New > Server > Identities tab modal
✅ Create new identity with Name, Username and SSH Key (with passphrase) works as expected.
✅ Unable to create new SSH identity (type SSH Key) without uploading an SSH Key file.
✅ Unable to create new identity without Name or Username.
✅ Unable to update existing identity without Name or Username.
All validation scenarios were confirmed to work on both dialogs.
✅ Checklist
🔗 Related Issues
Closes #1172 and addresses validation gaps reported in user feedback.
Creating identities without passphrase may have been fixed at #1116