Add reset password

Following https://discuss.tryton.org/t/add-functionallity-to-user-create/88

assigned to @ced

added trytond type::feature + 1 deleted label

Here is review41761002 that implements the feature.
It is based on a temporary password that is sent by email to the user. The temporary password is valid for 24h by default and stop working as soon as a new password has been set.
I also added an options to trytond-admin to reset the admin password and to ask admin email.

added 1 deleted label and removed 1 deleted label

review41761002 updated at https://codereview.tryton.org/41761002/#ps1

New review36941002 at https://codereview.tryton.org/36941002/#ps1

New review36951002 at https://codereview.tryton.org/36951002/#ps1

review36941002 updated at https://codereview.tryton.org/36941002/#ps20001

review41761002 updated at https://codereview.tryton.org/41761002/#ps20001

review41761002 updated at https://codereview.tryton.org/41761002/#ps40001

review41761002 updated at https://codereview.tryton.org/41761002/#ps80001

review41761002 updated at https://codereview.tryton.org/41761002/#ps100001

I think we are missing one functionality here. The system should ask the user to set a new password on the first loging with the temporary password.

Otherwise they user may continue to use the temporary password which will expire latter.

It is requested in the email. I do not think it is a good user experience to force when the user want to set a password. Maybe when we will have notification [1] we could send a reminder to set a password.

[1] https://discuss.tryton.org/t/real-time-notification/224

If the email address of a user is changed then there should be sent an email to the old email address of the user to inform him about this change as the email address is an important part of the password reset process.

On 2018-01-16 10:28, Korbinian Preisler wrote:
> If the email address of a user is changed then there should be sent an
> email to the old email address of the user to inform him about this
> change as the email address is an important part of the password reset
> process.

I do not see why. Only the user or the administrator can change this
field.

review41761002 updated at https://codereview.tryton.org/41761002/#ps120001

review41761002 updated at https://codereview.tryton.org/41761002/#ps140001

review41761002 updated at https://codereview.tryton.org/41761002/#ps160001

review41761002 updated at https://codereview.tryton.org/41761002/#ps180001

New changeset 5ade83a210f0 by Cédric Krier in branch 'default':
Add reset password
http://hg.tryton.org/trytond/rev/5ade83a210f0

added 1 deleted label and removed 1 deleted label

closed

New changeset 5a328998c979 by Cédric Krier in branch 'default':
Update to new returned values from _get_login
http://hg.tryton.org/modules/authentication_sms/rev/5a328998c979

New changeset a434460e5392 by Cédric Krier in branch 'default':
Update to new returned values from _get_login
http://hg.tryton.org/modules/ldap_authentication/rev/a434460e5392