Reset password using a valid reset token.
Validates the token, updates the password, and invalidates all refresh tokens.
Args: request: Reset token and new password. reset_service: Password reset service dependency.
Returns: Success message.
Raises: HTTPException: 400 if token is invalid, expired, or already used.