Frontend/Backend: Force user to change password first time they log in

Backend: Add "requires_reset_flag" to users table.  Add change password route and method which checks password is a new password, at least 8 characters.  Prevent access to database if requires_reset_flag is Y.  

Frontend: If requires_set_flag is Y, navigate to new Change Password Screen.  