[BUG] Login asks for OTP key when none is associated with the account.

[kekonn]

I added an OTP key to a user then realised I couldn't add it (Bitwarden wouldn't scan the QR code and it didn't display the raw hash).

I then deleted the OTP key from the account and clicked update. If I check in the admin panel there is no OTP key associated with the account, but when I want to log in with that account in the web interface, it asks for an OTP value.

Reproduction:

1. Log in as admin
2. Add otp key to account
3. Click next (why is there no confirmation for the OTP key?)
4. Save the account, but stay on the page
5. Delete the OTP key
6. Save the account again
7. Log out as admin
8. Try to log in as the changed user. Warpgate asks for an OTP key after password, which it shouldn't

I'm on version v0.9.1

[kekonn]

I was investigating some more and in the network console of the browser I saw that even though OTP was deleted as a password method, it was still setting TOTP as a login policy for HTTP. I used edit and resend in the network console to remove the value and post the new settings and now it works, so this seems like a client side bug.