Implement Password Age Check at Sign-In #42

Open
msk opened this issue May 31, 2023 · 0 comments
Labels
enhancement New feature or request

msk commented May 31, 2023

Issue Description:

Currently, review-web does not check the age of a password at sign-in. To improve security and ensure compliance with password policies, a check should be added to verify whether a password is too old during the sign-in process.

When a sign-in attempt is made, the system should compare the password's last modified time, stored in the password_last_modified_at field of the Account struct, with the current time. It should then compare this duration with the password expiration period, which is stored in the account policy map under the key b"password expiration period".

If the password is found to be too old, the signIn GraphQL mutation should return an error, with the message indicating the reason. This behavior should be documented in the Rustdoc comment for the signIn mutation so that it appears in the schema.

Expected Behavior:

Once implemented, review-web should:

  • Check the age of a password during the sign-in process.
  • If the password is too old, return an error from the signIn mutation with a message indicating this reason.
  • Document this behavior in the Rustdoc comment for the signIn mutation.

Current Behavior:

Currently, review-web does not check the age of a password at sign-in. As a result, it allows sign-in with a password even if it is older than the specified password expiration period.

Suggested Solution:

Implement a password age check in the signIn GraphQL mutation:

  • Add code to compare the password_last_modified_at field of the Account struct with the current time, and then compare this duration with the value from the account policy map under the key b"password expiration period".
  • If the password is too old, return an error from the signIn mutation.
  • Document this behavior in the Rustdoc comment for the signIn mutation.

Requested by @sehkone.
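The following is an added illustration of the check the issue requests; it is not code from review-web. It assumes a trimmed-down stand-in for the `Account` struct (only `username` and `password_last_modified_at`), assumes the policy value under `b"password expiration period"` is the period in seconds encoded as ASCII digits, and models the `signIn` mutation's error path with a plain `sign_in` function that returns the message as a `String`. A missing policy key is treated as "no expiration enforced", a malformed value is reported as a distinct error, and a last-modified time in the future (clock skew) is treated as a freshly changed password instead of a failure.

```rust
use std::collections::HashMap;
use std::fmt;
use std::time::{Duration, SystemTime, UNIX_EPOCH};

/// Policy-map key named in the issue.
pub const PASSWORD_EXPIRATION_KEY: &[u8] = b"password expiration period";

/// Stand-in for the parts of the Account struct this check needs
/// (assumption: the real struct carries more fields than these).
pub struct Account {
    pub username: String,
    pub password_last_modified_at: SystemTime,
}

/// Why the age check rejected a sign-in.
#[derive(Debug, PartialEq, Eq)]
pub enum PasswordAgeError {
    /// The password is older than the configured expiration period.
    Expired { age: Duration, max_age: Duration },
    /// The policy value exists but is not a parsable number of seconds.
    InvalidPolicy,
}

impl fmt::Display for PasswordAgeError {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            PasswordAgeError::Expired { age, max_age } => write!(
                f,
                "password expired: last changed {} days ago, expiration period is {} days",
                age.as_secs() / 86_400,
                max_age.as_secs() / 86_400
            ),
            PasswordAgeError::InvalidPolicy => {
                write!(f, "account policy has an invalid password expiration period")
            }
        }
    }
}

/// Compares the password's last-modified time against `now` and the policy.
/// Assumption: the policy value is the period in seconds as ASCII digits.
/// A missing key means no expiration is enforced.
pub fn check_password_age(
    account: &Account,
    policy: &HashMap<Vec<u8>, Vec<u8>>,
    now: SystemTime,
) -> Result<(), PasswordAgeError> {
    let raw = match policy.get(PASSWORD_EXPIRATION_KEY) {
        Some(raw) => raw,
        None => return Ok(()),
    };
    let secs = std::str::from_utf8(raw)
        .ok()
        .and_then(|s| s.trim().parse::<u64>().ok())
        .ok_or(PasswordAgeError::InvalidPolicy)?;
    let max_age = Duration::from_secs(secs);
    // A last-modified timestamp in the future (clock skew) makes duration_since
    // return Err; treat it as a freshly changed password rather than failing.
    let age = now
        .duration_since(account.password_last_modified_at)
        .unwrap_or(Duration::ZERO);
    if age > max_age {
        Err(PasswordAgeError::Expired { age, max_age })
    } else {
        Ok(())
    }
}

/// Models the signIn mutation's error path: runs the age check and turns a
/// rejection into the message the mutation would return. Credential
/// verification is assumed to have already succeeded before this point.
pub fn sign_in(
    account: &Account,
    policy: &HashMap<Vec<u8>, Vec<u8>>,
    now: SystemTime,
) -> Result<String, String> {
    check_password_age(account, policy, now).map_err(|e| e.to_string())?;
    Ok(format!("session token for {}", account.username))
}

fn main() {
    // Constructed sample data: a 90-day policy and two accounts.
    let mut policy = HashMap::new();
    policy.insert(PASSWORD_EXPIRATION_KEY.to_vec(), b"7776000".to_vec());
    let now = UNIX_EPOCH + Duration::from_secs(1_700_000_000);
    let accounts = [
        Account { username: "fresh".into(), password_last_modified_at: now - Duration::from_secs(86_400) },
        Account { username: "stale".into(), password_last_modified_at: now - Duration::from_secs(100 * 86_400) },
    ];
    for account in &accounts {
        match sign_in(account, &policy, now) {
            Ok(token) => println!("{}: {}", account.username, token),
            Err(msg) => println!("{}: sign-in rejected: {}", account.username, msg),
        }
    }
}
```

Keeping the age check in its own function, separate from the mutation wrapper, is what makes the error message easy to document in the `signIn` Rustdoc comment and to test without a GraphQL harness; the `Display` text is the only thing the mutation exposes to the client.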
