Add APIs for /register, /forgot-password, /reset-password, /verify-forgot-token #71

Closed
skks1212 opened this issue Apr 26, 2023 · 0 comments · Fixed by #78
skks1212 commented Apr 26, 2023

Register should accept username, full name, email, password

Forgot password should accept email. If email is correct, send an OTP and reset link to the user. Reset link would be something like
https://ayushma.ohc.network/reset-password?otp=[otp]&user_id=[user_id]
Create a new model ForgotToken for this that will contain user, expiry (should be 10 minutes from request), OTP
Auto expire previous OTPs if a new one is created

Reset link will send a request to /verify-forgot-token containing OTP and user_id that will check if the OTP is correct and not expired. Only process if both OTP and user_id are present and correct. Return the user's email, username and name if correct.

The /reset-password API will have two use cases.

  1. If authorization header is present, only expect a password, and update password for the user.
  2. If authorization header is not present, fall back to accepting OTP and user_id, perform the same validations as /verify-forgot-token and update the password.

Get in touch with @mathew-alex regarding setting up emails
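
A sketch of the ForgotToken lifecycle described in this issue, added here as an example; it is not code from the issue or from the project. The in-memory store, the 6-digit OTP format, the constant-time comparison and the invalidation of a token after a successful reset are assumptions.

```python
import hmac
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

OTP_TTL = timedelta(minutes=10)  # expiry window stated in the issue


@dataclass
class ForgotToken:
    user_id: str
    otp: str
    expiry: datetime
    active: bool = True


class ForgotTokenStore:
    """In-memory stand-in for the ForgotToken model (assumption: the project uses a DB table)."""

    def __init__(self):
        self._tokens = []

    def issue(self, user_id, now=None):
        now = now or datetime.now(timezone.utc)
        # Auto-expire previous OTPs for this user before creating a new one.
        for t in self._tokens:
            if t.user_id == user_id:
                t.active = False
        otp = f"{secrets.randbelow(10**6):06d}"  # assumption: 6-digit numeric OTP
        token = ForgotToken(user_id, otp, now + OTP_TTL)
        self._tokens.append(token)
        return token

    def verify(self, user_id, otp, now=None):
        """Checks shared by /verify-forgot-token and the unauthenticated /reset-password path."""
        now = now or datetime.now(timezone.utc)
        if not user_id or not otp:  # only process when both fields are present
            return None
        for t in self._tokens:
            if (t.user_id == user_id and t.active and now < t.expiry
                    and hmac.compare_digest(t.otp.encode(), otp.encode())):
                return t
        return None

    def reset(self, user_id, otp, now=None):
        token = self.verify(user_id, otp, now)
        if token is None:
            return False
        token.active = False  # assumption: a token is single-use once the password is changed
        return True
```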
