[fix](auth)fix after setting the user password to expire, changing the password again will not take effect (#23426)

Create a jack user and set the password to expire after 10 days.
`CREATE USER 'jack' IDENTIFIED BY '12345' PASSWORD_EXPIRE INTERVAL 10 DAY FAILED_LOGIN_ATTEMPTS 3 PASSWORD_LOCK_TIME 1 DAY;`

After the password has expired, reset the password.
`SET PASSWORD FOR 'jack' = PASSWORD('123');`


Log in with a new password, ERROE ` Your password has expired. To log in you must change it using a client that supports expired passwords`

fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/PasswordPolicy.java

@@ -139,6 +139,10 @@ public class PasswordPolicy implements Writable {
         }
     }
 
+    public ExpirePolicy getExpirePolicy() {
+        return expirePolicy;
+    }
+
     @Override
     public void write(DataOutput out) throws IOException {
         Text.writeString(out, GsonUtils.GSON.toJson(this));
@@ -209,6 +213,10 @@ public class PasswordPolicy implements Writable {
             this.passwordCreateTime = System.currentTimeMillis();
         }
 
+        public void setPasswordCreateTime() {
+            this.passwordCreateTime = System.currentTimeMillis();
+        }
+
         private String expirationSecondsToString() {
             if (expirationSecond == -1) {
                 return "DEFAULT";

fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/PasswordPolicyManager.java

@@ -22,6 +22,7 @@ import org.apache.doris.analysis.UserIdentity;
 import org.apache.doris.common.AuthenticationException;
 import org.apache.doris.common.io.Text;
 import org.apache.doris.common.io.Writable;
+import org.apache.doris.mysql.privilege.PasswordPolicy.ExpirePolicy;
 import org.apache.doris.persist.gson.GsonUtils;
 
 import com.google.common.collect.Lists;
@@ -93,6 +94,12 @@ public class PasswordPolicyManager implements Writable {
     public void updatePassword(UserIdentity curUser, byte[] password) {
         PasswordPolicy passwordPolicy = getOrCreatePolicy(curUser);
         passwordPolicy.updatePassword(password);
+
+        // Compatible with setting the password expiration time and changing the password again
+        ExpirePolicy expirePolicy = passwordPolicy.getExpirePolicy();
+        if (expirePolicy.passwordCreateTime != 0) {
+            expirePolicy.setPasswordCreateTime();
+        }
     }
 
     public List<List<String>> getPolicyInfo(UserIdentity userIdent) {

regression-test/suites/account_p0/test_alter_user.groovy

@@ -139,7 +139,7 @@ suite("test_alter_user", "account") {
     }
     sql """set global validate_password_policy=NONE"""
 
-    // 5. text expire
+    // 5. test expire
     sql """create user test_auth_user4 identified by '12345' PASSWORD_EXPIRE INTERVAL 5 SECOND"""
     sql """grant all on *.* to test_auth_user4"""
     result1 = connect(user = 'test_auth_user4', password = '12345', url = context.config.jdbcUrl) {
@@ -160,5 +160,37 @@ suite("test_alter_user", "account") {
     result1 = connect(user = 'test_auth_user4', password = '12345', url = context.config.jdbcUrl) {
         sql 'select 1'
     }
+
+    // 7. test after expire, reset password
+    sql """drop user test_auth_user4"""
+    sql """create user test_auth_user4 identified by '12345' PASSWORD_EXPIRE INTERVAL 5 SECOND"""
+    sql """grant all on *.* to test_auth_user4"""
+    result1 = connect(user = 'test_auth_user4', password = '12345', url = context.config.jdbcUrl) {
+        sql 'select 1'
+    }
+    sleep(6000)
+    sql """set password for 'test_auth_user4' = password('123')"""
+    result2 = connect(user = 'test_auth_user4', password = '123', url = context.config.jdbcUrl) {
+        sql 'select 1'
+    }
+    sleep(6000)
+    try {
+        connect(user = 'test_auth_user4', password = '123', url = context.config.jdbcUrl) {}
+        assertTrue(false. "should not be able to login")
+    } catch (Exception e) {
+        assertTrue(e.getMessage().contains("Your password has expired. To log in you must change it using a client that supports expired passwords."), e.getMessage())
+    }
+
+    // 8. test password not expiration
+    sql """drop user test_auth_user4"""
+    sql """create user test_auth_user4 identified by '12345'"""
+    sql """grant all on *.* to test_auth_user4"""
+    result1 = connect(user = 'test_auth_user4', password = '12345', url = context.config.jdbcUrl) {
+        sql 'select 1'
+    }
+    sleep(1000)
+    result2 = connect(user = 'test_auth_user4', password = '12345', url = context.config.jdbcUrl) {
+        sql 'select 1'
+    }
 }