ipn/ipnlocal: treat js/wasm interative logins as ephemeral for now

At least until js/wasm starts using browser LocalStorage or something. But for the foreseeable future, any login from a browser should be considered ephemeral as the tab can close at any time and lose the wireguard key, never to be seen again. Updates #3157 Change-Id: I6c410d86dc7f9f233c3edd623313d9dee2085aac Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2024-11-29 13:05:46 +00:00 · 2021-10-29 11:55:36 -07:00 · 2021-10-29 11:55:36 -07:00 · 429632d32c
commit 429632d32c
parent c1d009b9e9
1 changed files with 9 additions and 1 deletions
--- a/ipn/ipnlocal/local.go
+++ b/ipn/ipnlocal/local.go
@ -1508,7 +1508,15 @@ func (b *LocalBackend) StartLoginInteractive() {
 	if url != "" {
 		b.popBrowserAuthNow()
 	} else {
-		cc.Login(nil, controlclient.LoginInteractive)
+		flags := controlclient.LoginInteractive
+		if runtime.GOOS == "js" {
+			// The js/wasm client has no state storage so for now
+			// treat all interactive logins as ephemeral.
+			// TODO(bradfitz): if we start using browser LocalStorage
+			// or something, then rethink this.
+			flags |= controlclient.LoginEphemeral
+		}
+		cc.Login(nil, flags)
 	}
 }