
Support of temporary passwords

Open zlobober opened this issue 1 year ago • 0 comments

This issue is related to: https://github.com/ytsaurus/ytsaurus/issues/227

A temporary password is a password issued by an administrator for a user, which forces the user to change the password immediately after logging in.

It should work as follows.

  • A password is temporary if and only if //sys/users/<user>/@password_is_temporary is true.
  • When a user logs in via password, the UI must issue an additional check for //sys/users/<user>/@password_is_temporary. If the password is temporary, it must forcefully redirect the user to the /change-password page, where the user will change his password.
  • After changing the password, the UI must also reset the "password_is_temporary" flag by setting it to false.

How to test the feature (as cluster admin):

yt create user --attributes '{name=test}'
yt set-user-password test --new-password "temp_pass"
yt set //sys/users/test/@password_is_temporary '%true'

Now, logging in as test:temp_pass should force you to change the password.

Note: in the future there will be a set-user-password --temporary version of the command, which will combine the two steps above. Also, set-user-password will by default reset the password_is_temporary flag, so the third step of the workflow will become redundant. For now, the UI must take care of the temporary flag by itself.

zlobober, Dec 13 '23 07:12
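
The three-step workflow from the issue, sketched as an added example (not code from the ytsaurus-ui project or from the issue author). The `client` object, the `changePassword` callback, the function names and the user-name allow-list are assumptions of this example; only the attribute path and the /change-password route come from the issue.

```javascript
// Added example. `client` is a hypothetical Cypress client whose get(path)
// and set(path, value) return Promises; get() is assumed to resolve to
// undefined when the attribute is absent.
const CHANGE_PASSWORD_ROUTE = '/change-password';
const TEMP_FLAG = 'password_is_temporary';

// Build //sys/users/<user>/@<attr>. The allow-list is an assumption of this
// example: it keeps a login name from injecting extra path tokens.
function userAttrPath(user, attr) {
  if (!/^[A-Za-z0-9_.-]+$/.test(user)) {
    throw new Error('unexpected characters in user name');
  }
  return `//sys/users/${user}/@${attr}`;
}

// Run right after a successful password login. Only a literal `true` marks
// the password as temporary. A failed lookup rejects, so the caller never
// gets a session object for which the check was skipped.
async function checkTemporaryPassword(client, user) {
  const flag = await client.get(userAttrPath(user, TEMP_FLAG));
  return { user, mustChangePassword: flag === true };
}

// Route guard, applied to every navigation and not only the first one:
// while the flag is set, every path resolves to the change-password page.
function resolveRoute(session, requestedPath) {
  if (session.mustChangePassword && requestedPath !== CHANGE_PASSWORD_ROUTE) {
    return CHANGE_PASSWORD_ROUTE;
  }
  return requestedPath;
}

// `changePassword` is a hypothetical callback that performs the actual
// change. The flag is reset only after it succeeds; if either step fails
// the session stays locked to the change-password page.
async function completePasswordChange(client, session, changePassword) {
  await changePassword();
  await client.set(userAttrPath(session.user, TEMP_FLAG), false);
  return { ...session, mustChangePassword: false };
}
```

The guard constrains the UI only; the issue assigns the temporary-password check to the UI and does not describe any server-side restriction on a session opened with a temporary password.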