feat(GODT-2610): re-use previous password when removing and adding back account.

tests/bdd_test.go

@@ -180,6 +180,8 @@ func TestFeatures(testingT *testing.T) {
 			ctx.Step(`^user "([^"]*)" is not listed$`, s.userIsNotListed)
 			ctx.Step(`^user "([^"]*)" finishes syncing$`, s.userFinishesSyncing)
 			ctx.Step(`^user "([^"]*)" has telemetry set to (\d+)$`, s.userHasTelemetrySetTo)
+			ctx.Step(`^the bridge password of user "([^"]*)" is changed to "([^"]*)"`, s.bridgePasswordOfUserIsChangedTo)
+			ctx.Step(`^the bridge password of user "([^"]*)" is equal to "([^"]*)"`, s.bridgePasswordOfUserIsEqualTo)
 
 			// ==== IMAP ====
 			ctx.Step(`^user "([^"]*)" connects IMAP client "([^"]*)"$`, s.userConnectsIMAPClient)

tests/ctx_bridge_test.go

@@ -114,6 +114,7 @@ func (t *testCtx) initBridge() (<-chan events.Event, error) {
 	} else if corrupt {
 		return nil, fmt.Errorf("vault is corrupt")
 	}
+	t.vault = vault
 
 	// Create the underlying cookie jar.
 	jar, err := cookiejar.New(nil)

tests/ctx_test.go

@@ -36,6 +36,7 @@ import (
 	"github.com/ProtonMail/proton-bridge/v3/internal/bridge"
 	frontend "github.com/ProtonMail/proton-bridge/v3/internal/frontend/grpc"
 	"github.com/ProtonMail/proton-bridge/v3/internal/locations"
+	"github.com/ProtonMail/proton-bridge/v3/internal/vault"
 	"github.com/bradenaw/juniper/xslices"
 	"github.com/cucumber/godog"
 	"github.com/emersion/go-imap/client"
@@ -135,6 +136,7 @@ type testCtx struct {
 
 	// bridge holds the bridge app under test.
 	bridge *bridge.Bridge
+	vault  *vault.Vault
 
 	// service holds the gRPC frontend service under test.
 	service   *frontend.Service

tests/features/user/relogin.feature

@@ -12,4 +12,13 @@ Feature: A logged out user can login again
 
   Scenario: Cannot login to removed account
     When user "[user:user]" is deleted
-    Then user "[user:user]" is not listed
+    Then user "[user:user]" is not listed
+
+  Scenario: Bridge password persists after logout/login
+    Given there exists an account with username "testUser" and password "password"
+    And the user logs in with username "testUser" and password "password"
+    And the bridge password of user "testUser" is changed to "YnJpZGdlcGFzc3dvcmQK"
+    And user "testUser" is deleted
+    And the user logs in with username "testUser" and password "password"
+    Then user "testUser" is eventually listed and connected
+    And the bridge password of user "testUser" is equal to "YnJpZGdlcGFzc3dvcmQK"

tests/user_test.go

@@ -28,6 +28,8 @@ import (
 	"github.com/ProtonMail/go-proton-api"
 	"github.com/ProtonMail/gopenpgp/v2/crypto"
 	"github.com/ProtonMail/proton-bridge/v3/internal/bridge"
+	"github.com/ProtonMail/proton-bridge/v3/internal/vault"
+	"github.com/ProtonMail/proton-bridge/v3/pkg/algo"
 	"github.com/bradenaw/juniper/iterator"
 	"github.com/bradenaw/juniper/xslices"
 	"github.com/cucumber/godog"
@@ -426,6 +428,37 @@ func (s *scenario) userHasTelemetrySetTo(username string, telemetry int) error {
 	})
 }
 
+func (s *scenario) bridgePasswordOfUserIsChangedTo(username, bridgePassword string) error {
+	b, err := algo.B64RawDecode([]byte(bridgePassword))
+	if err != nil {
+		return errors.New("the password is not base64 encoded")
+	}
+
+	var setErr error
+	if err := s.t.vault.GetUser(
+		s.t.getUserByName(username).getUserID(),
+		func(user *vault.User) { setErr = user.SetBridgePass(b) },
+	); err != nil {
+		return err
+	}
+
+	return setErr
+}
+
+func (s *scenario) bridgePasswordOfUserIsEqualTo(username, bridgePassword string) error {
+	userInfo, err := s.t.bridge.QueryUserInfo(username)
+	if err != nil {
+		return err
+	}
+
+	readPassword := string(userInfo.BridgePass)
+	if readPassword != bridgePassword {
+		return fmt.Errorf("bridge password mismatch, expected '%v', got '%v'", bridgePassword, readPassword)
+	}
+
+	return nil
+}
+
 func (s *scenario) addAdditionalAddressToAccount(username, address string, disabled bool) error {
 	userID := s.t.getUserByName(username).getUserID()