client/web: call /api/auth before rendering any client views

For now this is effectively a noop, since only the ManagementClientView uses the auth data. That will change soon. Updates tailscale/corp#14335 Signed-off-by: Will Norris <will@tailscale.com>
2025-12-11 16:42:54 +00:00 · 2023-11-01 10:35:46 -07:00
parent 970eb5e784
commit 237c6c44cd
2 changed files with 19 additions and 21 deletions
--- a/client/web/web.go
+++ b/client/web/web.go
@@ -252,6 +252,11 @@ func (s *Server) serveLoginAPI(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, "invalid endpoint", http.StatusNotFound)
 		return
 	}
+	if r.URL.Path != "/api/auth" {
+		// empty JSON response until we serve auth for the login client
+		fmt.Fprintf(w, "{}")
+		return
+	}
 	switch r.Method {
 	case httpm.GET:
 		// TODO(soniaappasamy): we may want a minimal node data response here
@@ -354,8 +359,11 @@ func (s *Server) serveAPI(w http.ResponseWriter, r *http.Request) {
 	case path == "/auth":
 		if s.tsDebugMode == "full" { // behind debug flag
 			s.serveTailscaleAuth(w, r)
-			return
+		} else {
+			// empty JSON response until we serve auth for other modes
+			fmt.Fprintf(w, "{}")
 		}
+		return
 	case path == "/data":
 		switch r.Method {
 		case httpm.GET: