[PB-267]: Feat/Add lastPasswordChangeAt to users

[larry-internxt]

• Added lastPasswordChangeAt column to users
• Added logic to invalidate token on middleware when lastPasswordChangeAt is greater than token's iat

[sonarqubecloud]

SonarCloud Quality Gate failed.   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

0.0% Coverage
0.0% Duplication

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

already resolved

[sonarqubecloud]

Quality Gate failed

Failed conditions

0.0% Coverage on New Code (required ≥ 80%)

See analysis details on SonarCloud

[apsantiso]

We need to also add iat to new tokens. I made a small PR adding it, moving out the iat from the payload (to align with what drive-server-wip expects) and 1 small naming change.

#422

[sonarqubecloud]

Quality Gate failed

Failed conditions

0.0% Coverage on New Code (required ≥ 80%)

See analysis details on SonarCloud

[apsantiso]

@sg-gs I think this is ready to go. I just made 3 changes. There are some miliseconds that are being lost when we convert from Date to IAT so that's why this PR issues a new token with a iat a little time ahead. Otherwise, the comparison between lastPassword < iat is going to fail because of the miliseconds.

Other options were:

1. Remove the milisecons from the new Date() object everytime we set lastPasswordAt. Which is the less cool solution we can take
2. Add more parameter to update password function to be able to use "iat" as a constructor in the new Date() that is being assigned to lastPasswordAt. e.g: new Date(tokenIat). Exactly as we do in drive-server-wip. However, this require also changing more code.