* UI: password are now validated against
$c->config->{security}{password}{web_max_age_days} (unless it's 0)
and if the password is expired the user is redirected automatically
to /changepassword page, and after successful password change back
to the original page.
* API: if password is expired all API requests will be returning
403 Forbidden "Password expired", except PUT/PATCH to /api/admins
or /api/subscribers with the new password in place.
* successful login on the UI now redirects to /dashboard instead of
/ (to prevent unintended redirect to v2)
Change-Id: I075f8e17cc9b0658d6b3b3d526ca5b379d050ce4
Kirill Solomko
b041888807