FINERACT-2006: Forgot password on login page

[airajena]

Description

Implemented the "Forgot Password" functionality to allow users to reset their forgotten passwords via email. This feature introduces a new public API endpoint that verifies the user's email, generates a temporary password, and emails it to them.

Changes

• New API Endpoint: Added POST /api/v1/password/forgot which accepts an email address in the request body.
  • Updated SecurityConfig to permit unauthenticated access to this endpoint.
• Database Schema: Added temporary_password_expiry_time column to the m_appuser table (via Liquibase migration 0209_add_forgot_password.xml).
• Domain Logic:
  • Updated AppUser entity to handle temporary password expiry.
  • Added AppUserRepository.findActiveUserByEmail to lookup users.
• Service Layer:
  • Created ForgotPasswordService and its implementation ForgotPasswordServiceImpl.
  • Logic handles finding the user, generating a 13-character random password, encrypting it, setting the expiry time (24 hours), and triggering the email.
• Email Service Improvements: Updated GmailBackedPlatformEmailService to make strict SSL/TLS settings conditional. This allows the service to support standard SMTP servers (like Mailhog) for easier local testing and development, while still enforcing strict security when connecting to Gmail.

Checklist

Please confirm these details:

• Catch up with develop branch
• Format the code (./gradlew spotlessApply)
• Staging/Production Smoke Tests

Testing

• Tested locally using Docker Compose and Mailhog.
• Verified the API returns 200 OK on success.
• Verified database updates (temp password expiry time set).
• Verified email usage logic.
• Verified transaction rollback if email sending fails.