I can always revert a VM backup of HAOS but I rather find out what caused this and avoid repetition. I paid for Nabu Casa, connected the iOS app using this, and changed my password as intended usecase within this app. This should not happen.
Using the HA iOS app, in HA using the menu I changed the password for my account. I checked the box to log out all clients, and it reported succes.
As expected I had to login again in the app, but it showed error “403 Forbidden”.
I expected this (and confirmed by documentation) to be due to a IP ban … but it still happens when I try to access it using a new IP.
Yet my wife’s Android app (already logged in with her non-admin user) continues to function properly.
Turns out the HA is accessible using LAN ip.
I checked ip_bans.yaml and it was empty.
This reddit thread suggests it can be explained when router doesn’t like hairpinning (a request from the internal network interface connecting back to its external interface)
The odd thing is, I do not understand how a change of password results in loss of Nabu Casa connectivity.
So i went to doublecheck (again) in their console. It listed my HA as Connected. I clicked the link again (still the same link, i checked) and it showed a Splash page with “Connecting”. After a minute or so, it said “Could not connect”, and the page reloaded to show a “403 Forbidden”.
What can explain this?
Is it hairpinning on the router?
So for now it all works again. But what can explain this: still unknown.
If this is expected behaviour: the HA password change page (in iOS app) may want to mention this action is needed, and requires access via the local IP.
