auth login needs explicit plain/no-browser mode

[ZanzyTHEbar]

Describe the Bug

pangolin-cli auth login relies on terminal/browser auto-detection. In containerized rootful Podman usage that is not deterministic enough: the login flow can start without visibly printing the one-time code, leaving the user stuck in a broken TUI path.

A plain-text-capable path exists, but there is no explicit CLI flag to force it.

Environment

• OS Type & Version: Linux host using rootful Podman from an interactive shell
• Pangolin Version: n/a
• Gerbil Version: n/a
• Traefik Version: n/a
• Newt Version: n/a
• Client Version: 0.8.0

To Reproduce

1. Run podman run --rm -it -e PANGOLIN_ENDPOINT=https://vpn.somendpoint.io ghcr.io/fosrl/cli auth login
2. In some real-shell/container contexts, login starts but the device code is not rendered visibly.
3. Compare with printf " " | podman run --rm -i -e PANGOLIN_ENDPOINT=https://vpn.somendpoint.io -e TERM=dumb -e BROWSER=true ghcr.io/fosrl/cli auth login
4. That path prints plain-text device-login output.

Expected Behavior

Please add an explicit non-TUI login mode instead of relying on auto-detection.

Suggested flags:

• --plain
• --no-browser
• ideally --json

Stable output such as DEVICE_CODE=... and DEVICE_LOGIN_URL=..., or JSON, would make container use reliable.

[AstralDestiny]

If the host doesn't have a browser it won't try to launch a browser.

And can you be more specific with what you mean by code isn't rendered?

[LaurenceJJones]

Plus this is what machine clients are designed for, maybe switching over to this solves your issue? https://docs.pangolin.net/manage/clients/understanding-clients#machines

unless you want to run the podman on your own device, but there isnt much different between rootful podman and just installing the cli on your machine?

[AstralDestiny]

I know if you have a headful host and you use ssh the ssh will try to open the browser via ssh and you will get nothing from ssh but at that point why install via ssh.