users: refactor password reset flow.

The old password reset flow:

* User requests a password reset.
* Danbooru generates a password reset nonce.
* Danbooru emails user a password reset confirmation link.
* User follows link to password reset confirmation page.
* The link contains a nonce authenticating the user.
* User confirms password reset.
* Danbooru resets user's password to a random string.
* Danbooru emails user their new password in plaintext.

The new password reset flow:

* User requests a password reset.
* Danbooru emails user a password reset link.
* User follows link to password edit page.
* The link contains a signed_user_id param authenticating the user.
* User changes their own password.

test/unit/user_test.rb

@@ -221,12 +221,6 @@ class UserTest < ActiveSupport::TestCase
         assert_equal(["Password is too short (minimum is 5 characters)"], @user.errors.full_messages)
       end
 
-      should "should be reset" do
-        @user = FactoryBot.create(:user)
-        new_pass = @user.reset_password
-        assert(User.authenticate(@user.name, new_pass), "Authentication should have succeeded")
-      end
-
       should "not change the password if the password and old password are blank" do
         @user = FactoryBot.create(:user, :password => "67890")
         @user.update(password: "", old_password: "")