introduce config parameter to define the validity (in hours) of the account creation/password reset token

Introduce config parameter "token_expiration_time" whose value is to be specified in hours, e.g. 24 for a token expiry time of 24 hours (the default value is 2).