SendPasswordResetEmail mutation should check if the email is registered

[myshy93]

Prerequisites

• Is it a bug?
• Is it a new feature?
• Is it a a question?
• Can you reproduce the problem?
• Are you running the latest version?
• Did you check for similar issues?
• Did you perform a cursory search?

For more information, see the CONTRIBUTING guide.

Description

It will be nice to get an error from SendPasswordResetEmail mutation if the email received as argument is not found in the database.

As you can see in the SS o got success: true even if the email not exists.

[PedroBern]

@myshy93 We don't care if the email was not found, only existing users should be able to reset passwords. You can show a message like: if this email exists, it was sent a password reset...

[myshy93]

Any change to add this? Mayne as a settings parameter?

[svyatkin-aleks]

@PedroBern Method resolve_mutation in SendPasswordResetEmailMixin is waiting for an exception UserNotVerified in method send_password_reset_email in order to send activation email. But this method doesn't check that status is verified and doesn't raise UserNotVerified exception. Is it bug or I don't understand something?