Nominator Panel

[massar]

Nominators should be able to trigger password recoveries for people they have nominated.

[massar]

For the password recovery:

• generate a new random 32 byte password + update the DB with that
• Store this new password in 'recovery_password" column for that user
• Mail the first 16 bytes to the user, the latter to the newest nominator (GPG crypt if possible)
  • In the user's mail there will be a recovery URL, the user-part of the password can be in there
  • In the nominator mail there are instructions on how to get the password to the user (offline/crypted)
• User goes to the recovery URL and fills in the nominator part of the password (the link contains the user portion)
• User gets a screen for setting a new password
• User sets a new password
• Recovery_password is cleared out after this.

Note thus that as we have a new 'recovery_password' column, somebody requesting that feature will not cause the old password to be changed/locked-out. Hence accidentally triggering this won't cause issues.

We can even let the user trigger this if we really want as it can't harm the user except for spam, the latter part is why we won't enable this publicly and keep it in the admin portal.

[massar]

Split into #41 as this ticket turned into a password recovery thing, which is more a "Nominator Panel"