[PR #1528] [CLOSED] Enhancement: Enable Account Switching for Non-Ephemeral Devices on Logout #2166

New Issue

adam · 2025-12-29T03:20:03+01:00

adam commented

2025-12-29 03:20:03 +01:00

📋 Pull Request Information

Original PR: https://github.com/juanfont/headscale/pull/1528
Author: @vsychov
Created: 8/15/2023
Status: ❌ Closed

Base: main ← Head: fix-issue-1522

📝 Commits (1)

6a8474f fix 1522: delete all machines after logout, not only ephemeral

📊 Changes

1 file changed (+7 additions, -10 deletions)

View changed files

📝 hscontrol/auth.go (+7 -10)

📄 Description

Hello! I find myself saying this in almost every PR or ticket, but I'd like to take a moment to thank you once again for this fantastic product. I truly hope to see it thrive and evolve over time.

This PR addresses a user story and resolves a bug. Fixes: #1522 and #1310.

User Story:
As a user, I want the ability to switch between accounts that I'm logged into, either via OIDC or through an auth-key.

Existing Issues:

When logging in via OIDC as User A, then logging out and trying to log in as User B, there's a web interface error stating could not register machine.
If you log in using the auth-key for User A, log out, and then try to authenticate with the auth-key for User B, the authentication seems to work. However, you remain logged in as User A.

These scenarios are works for non-ephemeral devices. Ephemeral devices don't face this problem as they get removed upon logout. While these issues might be addressed in #1492, it got me thinking: Why not always remove devices on logout? What value do they have post-logout?

Hence, I'm suggesting this as either a temporary or permanent fix for the aforementioned issues.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/juanfont/headscale/pull/1528 **Author:** [@vsychov](https://github.com/vsychov) **Created:** 8/15/2023 **Status:** ❌ Closed **Base:** `main` ← **Head:** `fix-issue-1522` --- ### 📝 Commits (1) - [`6a8474f`](https://github.com/juanfont/headscale/commit/6a8474f8f5a5d4a5c3843439309e600999d0ea46) fix 1522: delete all machines after logout, not only ephemeral ### 📊 Changes **1 file changed** (+7 additions, -10 deletions) <details> <summary>View changed files</summary> 📝 `hscontrol/auth.go` (+7 -10) </details> ### 📄 Description Hello! I find myself saying this in almost every PR or ticket, but I'd like to take a moment to thank you once again for this fantastic product. I truly hope to see it thrive and evolve over time. This PR addresses a user story and resolves a bug. Fixes: #1522 and #1310. **User Story:** As a user, I want the ability to switch between accounts that I'm logged into, either via OIDC or through an auth-key. **Existing Issues:** - When logging in via OIDC as User A, then logging out and trying to log in as User B, there's a web interface error stating `could not register machine`. - If you log in using the auth-key for User A, log out, and then try to authenticate with the auth-key for User B, the authentication seems to work. However, you remain logged in as User A. These scenarios are works for non-ephemeral devices. Ephemeral devices don't face this problem as they get removed upon logout. While these issues might be addressed in #1492, it got me thinking: Why not always remove devices on logout? What value do they have post-logout? Hence, I'm suggesting this as either a temporary or permanent fix for the aforementioned issues. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

adam added the pull-request label 2025-12-29 03:20:03 +01:00

adam closed this issue

2025-12-29 03:20:03 +01:00

adam referenced this issue

2025-12-29 03:21:44 +01:00

[PR #2202] [MERGED] add new user fields to grpc and list command #2545

Sign in to join this conversation.

Branches Tags

main

update_flake_lock_action

gh-pages

kradalby/release-v0.27.2

dependabot/go_modules/golang.org/x/crypto-0.45.0

dependabot/go_modules/github.com/opencontainers/runc-1.3.3

copilot/investigate-headscale-issue-2788

copilot/investigate-visibility-issue-2788

copilot/investigate-issue-2833

copilot/debug-issue-2846

copilot/fix-issue-2847

dependabot/go_modules/github.com/go-viper/mapstructure/v2-2.4.0

dependabot/go_modules/github.com/docker/docker-28.3.3incompatible

kradalby/cli-experiement3

doc/0.26.1

doc/0.25.1

doc/0.25.0

doc/0.24.3

doc/0.24.2

doc/0.24.1

doc/0.24.0

kradalby/build-docker-on-pr

topic/docu-versioning

topic/docker-kos

juanfont/fix-crash-node-id

juanfont/better-disclaimer

update-contributors

topic/prettier

revert-1893-add-test-stage-to-docs

add-test-stage-to-docs

remove-node-check-interval

fix-empty-prefix

fix-ephemeral-reusable

bug_report-debuginfo

autogroups

logs-to-stderr

revert-1414-topic/fix_unix_socket

rename-machine-node

port-embedded-derp-tests-v2

port-derp-tests

duplicate-word-linter

update-tailscale-1.36

warn-against-apache

ko-fi-link

more-acl-tests

fix-typo-standalone

parallel-nolint

tparallel-fix

rerouting

ssh-changelog-docs

oidc-cleanup

web-auth-flow-tests

kradalby-gh-runner

fix-proto-lint

remove-funding-links

go-1.19

enable-1.30-in-tests

0.16.x

cosmetic-changes-integration

tmp-fix-integration-docker

fix-integration-docker

configurable-update-interval

show-nodes-online

hs2021

acl-syntax-fixes

ts2021-implementation

fix-spurious-updates

unstable-integration-tests

mandatory-stun

embedded-derp

prtemplate-fix

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/headscale#2166