client/web: fix redirect logic when accessing login client over TS IP

Was previously failing to redirect to the manage client when accessing
the login client with the Tailscale IP.

Updates #10261
Fixes tailscale/corp#16348

Co-authored-by: Will Norris <will@tailscale.com>
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>

client/web/src/components/login-toggle.tsx

@@ -125,7 +125,7 @@ function LoginPopoverContent({
   useEffect(() => checkTSConnection(), [])
 
   const handleSignInClick = useCallback(() => {
-    if (auth.viewerIdentity) {
+    if (auth.viewerIdentity && auth.serverMode === "manage") {
       if (window.self !== window.top) {
         // if we're inside an iframe, start session in new window
         let url = new URL(window.location.href)
@@ -145,7 +145,7 @@ function LoginPopoverContent({
         window.location.href = manageURL
       }
     }
-  }, [node.IPv4, auth.viewerIdentity, newSession])
+  }, [auth.viewerIdentity, auth.serverMode, newSession, node.IPv4])
 
   return (
     <div onMouseEnter={!canConnectOverTS ? checkTSConnection : undefined}>

client/web/src/hooks/auth.ts

@@ -12,6 +12,7 @@ export enum AuthType {
 export type AuthResponse = {
   authNeeded?: AuthType
   canManageNode: boolean
+  serverMode: "login" | "manage"
   viewerIdentity?: {
     loginName: string
     nodeName: string