allow either one or both to be set for basicAuth

2026-01-22 16:30:57 +00:00 · 2026-01-22 16:30:57 +00:00 · 45ecfc1f86
commit 45ecfc1f86
parent 71649c5a13
3 changed files with 31 additions and 6 deletions
--- a/orchestrator/src/client/pages/SettingsPage.tsx
+++ b/orchestrator/src/client/pages/SettingsPage.tsx
@ -296,21 +296,21 @@ export const SettingsPage: React.FC = () => {
      const envPayload: Partial<UpdateSettingsInput> = {}
-      if (dirtyFields.rxresumeEmail) {
+      if (dirtyFields.rxresumeEmail || dirtyFields.rxresumePassword) {
        envPayload.rxresumeEmail = normalizeString(data.rxresumeEmail)
      }
-      if (dirtyFields.ukvisajobsEmail) {
+      if (dirtyFields.ukvisajobsEmail || dirtyFields.ukvisajobsPassword) {
        envPayload.ukvisajobsEmail = normalizeString(data.ukvisajobsEmail)
      }
      if (data.enableBasicAuth === false) {
        envPayload.basicAuthUser = null
        envPayload.basicAuthPassword = null
-      } else {
+      } else if (dirtyFields.enableBasicAuth || dirtyFields.basicAuthUser || dirtyFields.basicAuthPassword) {
-        if (dirtyFields.basicAuthUser) {
+        // If enabling basic auth or changing either field, ensure we send at least the username
-          envPayload.basicAuthUser = normalizeString(data.basicAuthUser)
+        // to keep the pair consistent in the backend.
-        }
+        envPayload.basicAuthUser = normalizeString(data.basicAuthUser)
        if (dirtyFields.basicAuthPassword) {
          const value = normalizePrivateInput(data.basicAuthPassword)
--- a/orchestrator/src/server/api/routes/settings.test.ts
+++ b/orchestrator/src/server/api/routes/settings.test.ts
@ -56,4 +56,19 @@ describe.sequential('Settings API routes', () => {
    expect(patchBody.data.rxresumeEmail).toBe('updated@example.com');
    expect(patchBody.data.openrouterApiKeyHint).toBe('upda');
  });
  it('validates basic auth requirements', async () => {
    const res = await fetch(`${baseUrl}/api/settings`, {
      method: 'PATCH',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify({
        enableBasicAuth: true,
        basicAuthUser: '',
      }),
    });
    expect(res.status).toBe(400);
    const body = await res.json();
    expect(body.success).toBe(false);
    expect(body.error).toContain('Username is required');
  });
 });
--- a/orchestrator/src/shared/settings-schema.ts
+++ b/orchestrator/src/shared/settings-schema.ts
@ -33,6 +33,16 @@ export const updateSettingsSchema = z.object({
  ukvisajobsPassword: z.string().trim().max(2000).nullable().optional(),
  webhookSecret: z.string().trim().max(2000).nullable().optional(),
  enableBasicAuth: z.boolean().optional(),
 }).superRefine((data, ctx) => {
  if (data.enableBasicAuth) {
    if (!data.basicAuthUser || data.basicAuthUser.trim() === "") {
      ctx.addIssue({
        code: z.ZodIssueCode.custom,
        message: "Username is required when basic auth is enabled",
        path: ["basicAuthUser"],
      });
    }
  }
 });
 export type UpdateSettingsInput = z.infer<typeof updateSettingsSchema>;