feat(cli): add interactive passwd command

[sosyz]

Adds a secure, interactive CLI to reset a user’s password per #1400. Also includes a minor fix to include the time parameter when updating user status.

What’s changed

• New CLI: answer passwd (aliases: password, reset-password)
• Secure interactive password prompt (uses golang.org/x/term)
• Flags: -e/--email, -p/--password (not recommended due to shell history)
• Central wiring in cmd/command.go
• Path/config helpers centralized under internal/base/path
• Fix: include timestamp when updating user status

Usage

answer passwd -C ./answer-data -e user@example.com # will securely prompt for password

Open question

Observed that authSvc.RemoveUserAllTokens(ctx, userInfo.ID) returns success but existing web sessions remain active. Same behavior when invoked from the user center password update flow. Is there an additional session/cache invalidation step required, or is this a bug in the session/token layer?

Linked issue

• Add resetPassword option to command-line tool #1400

[Copilot]

Pull Request Overview

This PR adds a new interactive CLI command answer passwd for securely resetting user passwords and refactors path-related configuration into a centralized internal/base/path package. It also fixes a bug where the timestamp parameter was missing when updating user status in tests.

Key Changes:

• New passwd command with secure password prompting and optional random password generation
• Centralized path configuration by moving constants and helpers from internal/cli to internal/base/path
• Fixed missing timestamp parameter in user status update test calls

Reviewed Changes

Copilot reviewed 12 out of 13 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
cmd/command.go	Adds resetPasswordCmd definition with flags and wires it into the root command
cmd/main.go	Updates import to use new path package
internal/cli/reset_password.go	New file implementing the password reset command with interactive prompts and validation
internal/cli/install.go	Removes path-related code moved to path package and updates references
internal/cli/install_check.go	Updates to use path package instead of cli
internal/base/path/path.go	New centralized package for path configuration constants and helpers
internal/base/conf/conf.go	Updates import to use new path package
internal/install/install_main.go	Updates import to use new path package
internal/install/install_controller.go	Updates to reference path package for path constants
internal/repo/repo_test/user_backyard_repo_test.go	Fixes test calls to include missing timestamp parameter
pkg/checker/reserved_username.go	Updates import to use new path package
go.mod	Adds golang.org/x/term dependency for secure password input

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[LinkinStars]

Thank you for your contribution. I have tested the functionality and it works without issue.