fix: don't allow tagged devices in tailscale integration

internal/middleware/context_middleware.go

@@ -326,11 +326,6 @@ func (m *ContextMiddleware) tailscaleWhois(ctx context.Context, ip string) (*mod
 			Name:     whois.DisplayName,
 		},
 		UserID: whois.UserID,
-		Tags:   whois.Tags,
-	}
-
-	if !strings.ContainsAny(uctx.Email, "@") {
-		uctx.Email = utils.CompileUserEmail(uctx.Email+"-tailscale", m.runtime.CookieDomain)
 	}
 
 	return &uctx, nil

internal/model/context.go

@@ -59,8 +59,6 @@ type LDAPContext struct {
 type TailscaleContext struct {
 	BaseContext
 	UserID string
-	// for future use
-	Tags []string
 }
 
 func (c *UserContext) IsAuthenticated() bool {

internal/service/tailscale_service.go

@@ -21,7 +21,6 @@ type TailscaleWhoisResponse struct {
 	LoginName   string
 	DisplayName string
 	NodeName    string
-	Tags        []string
 }
 
 type TailscaleService struct {
@@ -115,14 +114,22 @@ func (ts *TailscaleService) Whois(ctx context.Context, addr string) (*TailscaleW
 		return nil, fmt.Errorf("failed to get client whois: %w", err)
 	}
 
+	if who.Node.IsTagged() {
+		ts.log.App.Debug().Msgf("Skipping whois for tagged node %s", who.Node.Name)
+		return nil, nil
+	}
+
+	uid := strings.TrimPrefix(who.UserProfile.ID.String(), "userid:")
+
 	res := TailscaleWhoisResponse{
-		UserID:      who.UserProfile.ID.String(),
+		UserID:      uid,
 		LoginName:   who.UserProfile.LoginName,
 		DisplayName: who.UserProfile.DisplayName,
 		NodeName:    strings.TrimSuffix(who.Node.Name, "."),
-		Tags:        who.Node.Tags,
 	}
 
+	ts.log.App.Debug().Interface("res", res).Msg("tailscale")
+
 	return &res, nil
 }