How to validate email From: address with authenticated user (prevent sender/login mismatch) in dovecot submission server?

As said in the Dovecot Submission Server documentation:

Note

Currently, the submission proxy is still pretty basic.

It does not have any of the advanced features Postfix has, nor even the capability to deliver the message on its own. It is merely a proxy that still requires a fully featured MTA, like Postfix.

Submission is not IMAP, but SMTP. Therefore, it is only natural that an SMTP server handles it. Just like with us humans, it is good to specialise on something, do it as good as possible, and ask help for other things. For the same reason, Postfix does not try and implement SASL authentication on its own:

Postfix does not implement SASL itself, but instead uses existing implementations as building blocks. This means that some SASL-related configuration files will belong to Postfix, while other configuration files belong to the specific SASL implementation that Postfix will use. This document covers both the Postfix and non-Postfix configuration.

NOTE: People who go to the trouble of installing Postfix may have the expectation that Postfix is more secure than some other mailers. The Cyrus SASL library contains a lot of code. With this, Postfix becomes as secure as other mail systems that use the Cyrus SASL library. Dovecot provides an alternative that may be worth considering.

TL;DR: It is not currently possible and might never be. Just use the Postfix for submission like everybody else.