Stored credentials are not updated after changing password

[kib42]

When you change the password on one client, stored credentials on all other clients are not updated after the first login. The user is prompted for a password each time.

This affects all platforms.

Test Notes:

• [x] Premium Account
  • [x] login on two devices, both with stored credentials
  • [x] change credentials on one of the two devices
  • [x] you should get logged out of the second device
  • [x] click on the stored credentials on the device where you just got logged out
  • [x] you are prompted to type in the new password and can use the mailbox afterwards
  • [x] log out
  • [x] when you log in again you are not asked for credentials again and everything works fine
  • [x] have stored credentials on two devices but only be logged in on one device
  • [x] change password on the device where you're logged in
  • [x] shows same behavior like above
  • [x] use an account that has a second factor registered and store credentials on two devices
  • [x] you can change the password without being prompted to use the second factor
  • [x] on the other you are prompted to use the second factor FIXME
  • [x] login on two devices, both with stored credentials
  • [x] change credentials on one of the two devices
  • [x] you should get logged out of the second device
  • [x] deactivate internet connection
  • [x] click on the stored credentials on the device where you just got logged out
  • [x] offline login works fine
  • [x] activate internet again
  • [x] try to reconnect and you are prompted for the password again FIXME
• [x] Free Account
  • [x] login on two devices, both with stored credentials
  • [x] change credentials on one of the two devices
  • [x] you should get logged out of the second device
  • [x] click on the stored credentials on the device where you just got logged out
  • [x] the credentials are deleted completely
  • [x] the mailbox works after you have logged in again
  • [x] have stored credentials on two devices but only be logged in on one device
  • [x] change password on the device where you're logged in
  • [x] shows same behavior like above
  • [x] use an account that has a second factor registered and store credentials on two devices
  • [x] you can change the password without being prompted to use the second factor
  • [x] click on the stored credentials on the device where you just got logged out
  • [x] the credentials are deleted completely
  • [x] the mailbox works after you have logged in again and were prompted for the second factor
  • [x] External Login
  • [x] when the tutanota sender changes the shared password and sends a new mail, the old external login link does not work anymore (no login attempt possible)
  • [x] if the password is changed (and new mail is sent) while logged in, the external user can keep using the mailbox until they log out, then the outdated link message is shown

Regressions

• [x] the phishing/spam banner still works
• [x] the phishing/spam banner does not show tutanota.com links for non-admin whitelabel users
• [x] creating more calendars works for premium only
• [x] sending calendar invite still works
• [x] calendar event popup still shows the bell icon for alarms
• [x] creating users works
• [x] creating aliases works
• [x] creating contacts works
• [x] in single-column mode, the bottom nav only shows the calendar/contact/search buttons for internal users
• [x] the progress bar in the header works as expected when syncing
• [x] header shortcuts (contact/calendar etc) work, but only while logged in
• [x] contact form requests and login work
• [x] recovering a login works with recovery dialog and for resetting the 2nd factor
• [x] editing the custom external notification mail for whitelabel still works
• [x] inbox rules are still applied and can be edited
• [x] password strength indicator still works (try using the user's name, mail address, ....)
• [x] out of office notifications work as expected
• [x] trying to use a business feature (like adding a template group) shows the business upgrade dialog on plain premium
• [x] we can open the mailbox from a mailto link or a notification in desktop
• [x] calendar opens from an alarm notification
• [x] search for longer than the 30 days (?) still requires premium
• [x] the search overlay only shows the "change time period" text to premium
• [x] adding groups works
• [x] displaying the recover code works
• [x] appearance settings are applied from the users account info
• [x] signature can be edited and is applied
• [x] global settings view loads fine
• [x] sending/accepting calendar share works
• [x] purchasing / redeeming gift cards works
• [x] premium/free/business signup works
• [x] deleting an account works, with takeover
• [x] templates can be edited and applied

[nokhub]

after the password is changed from another client and we try to resume the session:

• we create a new session, then log out after a while, then try to use these credentials again
• with the new credentials, we call resumeSession, then initSession
• here we request the user (to get a verifier among other things)
• this is served from the outdated cache, old verifier?
• the checkOutdatedPassword checks the verifier against the passphrase and fails throwing NotAuthenticatedError
• this causes us to go into the offline login auth flow again

possibility after we delete user from cache (need to think about inconsistencies):

• user not there -> fall back to sync login?

question: why is no entity event update applied after we log in with the new password?

[wrdhub]

During testing: When you change the password on an ipad, the entire app closes and when opened again the credentials are not saved and it brings you to the login screen.

Also, app on ipad will crash and delete credentials when you log in on another device while the app is open.