You can implement password reset as part of an authentication flow using a Person Authentication interception script. There is an example in [Github](https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/basic.password_expiration)
If you want to hash previous passwords, and store them in the user entry, that's certainly possible by making the above interception script a little fancier. You'll probably need to make a custom user attribute called something like g2llcPasswordData. You'll need to add it to the OpenDJ schema, then register it by adding the attribute in oxTrust. Check the docs for adding custom attributes to the Gluu Server.
Remember, the Gluu Server is not an IDM platform. Password reset is normally in the wheel house of IDM--i.e. add, edit, delete user information, and connecting to various systems that need that data. The Gluu Server, which is an access management platform, is a consumer of identity data from the IDM system. Typically the interface between the Gluu Server, and the IDM is [SCIM](https://tools.ietf.org/html/rfc7644#section-3.2)
With that said, automating password reset at login is one of the cases where IDM and IAM intersect.