openbmc / webui-vue

Web-based user interface built on Vue.js for managing OpenBMC systems
https://openbmc.github.io/webui-vue/
Apache License 2.0

Figure out Redfish-correct way to deal with expired passwords #118

Closed paulfertser closed 3 weeks ago

paulfertser commented 3 months ago

As mentioned at https://gerrit.openbmc.org/c/openbmc/webui-vue/+/70758/2#message-ba4ad7929c11f36024cdf13fdb98173df7d1882e it's unclear whether webui-vue is currently dealing with accounts that have expired passwords the right (envisioned by Redfish) way.

It basically requests /redfish/v1/AccountService/Accounts/${username} and if it sees PasswordChangeRequired that evaluates to true it redirects to /change-password. We already know it's wrong to use ${username} there, but is this flow otherwise the Redfish-recommended one?

How should expired accounts with external authentication (e.g. LDAP or RADIUS) be detected and treated?

edtanous commented 3 months ago

In the login code handling path, we should check for the existence of a message "Base.PasswordChangeRequired", which is what bmcweb signals when a password change is required on login.

In addition, any requests that return 401 should be checked for a similar message.
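Added example, not part of the thread and not webui-vue or bmcweb code: one way a client could look for the `PasswordChangeRequired` message in both a login response and a 401 body. The function names and sample bodies are constructed; it assumes the message sits in `@Message.ExtendedInfo` (top level on success, under `error` on failure) and that its first `MessageArgs` entry is the account URI, as the Redfish Base registry defines it.

```javascript
// Hypothetical helper names; sample payloads below are constructed.
// Accepts versioned ids ("Base.1.13.0.PasswordChangeRequired") and the
// unversioned "Base.PasswordChangeRequired" form quoted in the thread.
const PCR_ID = /^Base\.(\d+\.)*PasswordChangeRequired$/;

// Gather extended-info messages from both places Redfish puts them.
function extendedInfo(body) {
  if (body === null || typeof body !== 'object') return [];
  const top = body['@Message.ExtendedInfo'];
  const err = body.error && body.error['@Message.ExtendedInfo'];
  return [top, err].filter(Array.isArray).flat();
}

// Returns whether a password change is required and, if the service
// supplied it, the account URI to PATCH (instead of building it from
// the typed username).
function passwordChangeRequired(body) {
  const msg = extendedInfo(body).find(
    (m) => m && typeof m.MessageId === 'string' && PCR_ID.test(m.MessageId)
  );
  if (!msg) return { required: false, accountUri: null };
  const arg = Array.isArray(msg.MessageArgs) ? msg.MessageArgs[0] : null;
  return { required: true, accountUri: typeof arg === 'string' ? arg : null };
}

// Constructed sample: session created, but password has expired.
const sessionCreated = {
  '@odata.id': '/redfish/v1/SessionService/Sessions/example',
  UserName: 'operator',
  '@Message.ExtendedInfo': [{
    MessageId: 'Base.1.13.0.PasswordChangeRequired',
    MessageArgs: ['/redfish/v1/AccountService/Accounts/operator'],
  }],
};

// Constructed sample: 401 on a later request carrying the same message.
const unauthorizedExpired = {
  error: { '@Message.ExtendedInfo': [
    { MessageId: 'Base.1.13.0.PasswordChangeRequired', MessageArgs: [] },
  ] },
};

// Constructed sample: ordinary 401 with no password-change message.
const unauthorizedPlain = {
  error: { '@Message.ExtendedInfo': [
    { MessageId: 'Base.1.13.0.ResourceAtUriUnauthorized', MessageArgs: [] },
  ] },
};
```
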