Site unusable after impersonating user with pending password change

Summary

Impersonating a user who has a forced password change scheduled leaves you unable to navigate the website and also you cannot stop impersonating them, you need to clear your cookies before you can use the site normally again

Steps to reproduce

• Force set a users password (gitlab will now prompt for a password change next time they login)
• Impersonate that same user
• Get automatically redirected to the password change page
• You can now not navigate to any other pages, and you also cannot stop impersonating (you get redirected back to the password change page)
• Must clear cookies in order to use the site and login as self again

What is the current bug behavior?

You can't navigate the site when impersonating a user with a pending password change, and once you've started you can not stop impersonating them without clearing your cookies.

What is the expected correct behavior?

When Impersonating a user with a pending password change, you should not see the password change page and should be able to impersonate them and navigate the site as normal.