make setTenantCookie fully tenant aware #123
Open
Description
In setTenantCookie, the check only does existence. It should be sure the tenant + user is valid, and unset if there are no matches.
We need to be careful to not hit the DB if possible, as this check should be relatively cheap to do (we have the user session, we have the tenants). I think there may be a complication of checking for membership if the user is removed, since that won't invalidate the session.
What should happen
User 1: In tenant 1 and tenant 2
User 2: In tenant 3
User 3: No tenant
User 1 is in tenant 1 -> set cookie
User 1 is in tenant 2 (has tenant 1 cookie) -> do nothing
User 2 is in tenant 3 (has tenant 1 cookie) -> set cookie (most recent tenant)
User 3 is not in a tenant -> expire cookie.
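
The expected behaviour listed above, written out as an added JavaScript example (not part of the original issue and not the project's code). The function names, the `tenant-id` cookie name and the assumption that the session already holds the user's tenant ids ordered most recent first are all hypothetical.

```javascript
// Added example: function names, cookie name and session shape are assumptions.
const TENANT_COOKIE = "tenant-id"; // hypothetical cookie name

// Existence-only check (the behaviour the issue wants replaced): any tenant
// cookie on the request is accepted, whoever it was originally set for.
function acceptsCookieExistenceOnly(cookieTenantId) {
  return Boolean(cookieTenantId);
}

// Tenant-aware check. sessionTenantIds is assumed to come from the session
// already in memory (no DB call), ordered most recent first.
function tenantCookieDecision(sessionTenantIds, cookieTenantId) {
  const tenants = Array.isArray(sessionTenantIds) ? sessionTenantIds : [];
  if (tenants.length === 0) return { action: "expire" }; // user has no tenant
  if (cookieTenantId && tenants.includes(cookieTenantId)) {
    return { action: "keep" }; // cookie names a tenant this user belongs to
  }
  // No cookie, or a cookie for a tenant this user is not in: replace it.
  return { action: "set", tenantId: tenants[0] };
}

// Turn a decision into a Set-Cookie header value; null means send no header.
function toSetCookie(decision) {
  switch (decision.action) {
    case "set":
      return `${TENANT_COOKIE}=${encodeURIComponent(decision.tenantId)}; Path=/; SameSite=Lax`;
    case "expire":
      return `${TENANT_COOKIE}=; Path=/; Max-Age=0`;
    default:
      return null;
  }
}

// Constructed sessions and cookies matching the four cases in the issue.
const scenarios = [
  ["user 1, no cookie", ["tenant-1", "tenant-2"], undefined],
  ["user 1, tenant-1 cookie", ["tenant-1", "tenant-2"], "tenant-1"],
  ["user 2, tenant-1 cookie", ["tenant-3"], "tenant-1"],
  ["user 3, tenant-1 cookie", [], "tenant-1"],
];
for (const [label, tenants, cookie] of scenarios) {
  const d = tenantCookieDecision(tenants, cookie);
  console.log(label, "| existence-only accepts:", acceptsCookieExistenceOnly(cookie),
    "| tenant-aware:", d.action, toSetCookie(d) ?? "(no header)");
}
```

The decision is only as fresh as the tenant list held in the session, which is the complication the issue raises about a user who has been removed from a tenant.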