Django-user-management

**Backwards incompatible** due to required authentication when using `ProfileAvatar`

* `PasswordResetEmail` now only throttled on `POST` requests.
* Added `DELETE` method to `ProfileAvatar`.
* `ProfileAvatar` now requires authentication.

* Add missing plaintext account validation email
* Add missing `/` to html account validation email

* Update `create_user` to set last_login with a default.

**Note: this change has been done for the upcoming version django > 1.7.0.**
`User.last_login` default is removed from django > 1.7.0. For existing
project using `django-user-management` project migrations would be run
after `django.contrib.auth` migrations. The project migrations will cancel
`last_login` `IS NULL`.

**Backwards incompatible** due to incuna-mail update

* Update VerifyEmailMixin.send_validation_email to send a multipart email by default
* Allow overriding the verification email's subject and django templates
* Update incuna-mail to v2.0.0

* Fix bug where VerifyUserAdmin.get_fieldsets is called twice

* Bump required version of `incuna-mail` in order to fix circular import.