web/client: update synology token from /api/auth call

When the /api/auth response indicates that synology auth is needed,
fetch the SynoToken and store it for future API calls.  This doesn't yet
update the server-side code to set the new SynoAuth field.

Updates tailscale/corp#14335

Signed-off-by: Will Norris <will@tailscale.com>

client/web/src/hooks/auth.ts

@@ -1,9 +1,15 @@
 import { useCallback, useEffect, useState } from "react"
-import { apiFetch } from "src/api"
+import { apiFetch, setSynoToken } from "src/api"
+
+export enum AuthType {
+  synology = "synology",
+  tailscale = "tailscale",
+}
 
 export type AuthResponse = {
   ok: boolean
   authUrl?: string
+  authNeeded?: AuthType
 }
 
 // useAuth reports and refreshes Tailscale auth status
@@ -18,6 +24,14 @@ export default function useAuth() {
     return apiFetch(url, "GET")
       .then((r) => r.json())
       .then((d) => {
+        if ((d as AuthResponse).authNeeded == AuthType.synology) {
+          fetch("/webman/login.cgi")
+            .then((r) => r.json())
+            .then((data) => {
+              setSynoToken(data.SynoToken)
+            })
+        }
+
         setLoading(false)
         setData(d)
       })