Description of problem: There's a hole in the auth process where if the user (for example) 1. Signs up to Zanata (not clicking on the activation email) 2. Forgets their password 3. Returns a time later and presses Forgot Password 4. Enters valid username and email 5. Presses Submit They will be unable to proceed - the system will not, due to no authentication - send the reset password email - resend the activation email - allow any form of updating Zanata should allow them to to enter username and email, then either just send the activation email and tell the user (easier), or redirect to the account activation page with restrictions to resend email only (less easy). Version-Release number of selected component (if applicable): 3.6 snapshot
Pull request: https://github.com/zanata/zanata-server/pull/689
Verified merge (master) at b319ce824c4fd49ce86b2814f17977b2bb16eae8