Description

Setting ALLOW_LOGIN_NOT_VERFIED to True seems like it would eliminate the UserNotVerifiedError upon executing the SendPasswordResetEmail (in the case where user is unverified), however, it still raises this error.

Expected behavior

I would expect ALLOW_LOGIN_NOT_VERFIED would remove the check for the user needing to be verified upon sending the password reset email - or I would expect there to be a new setting called ALLOW_PASSWORD_RESET_NOT_VERIFIED that would more granularly control this.

Requirements

django-graphql-jwt==0.3.0
graphene-django==2.9.1
django-graphql-auth==0.3.10

The default behavior must be raising this error because it's common to let users login when not verified, but they should first verify the account in order to reset password. However, a new setting ALLOW_PASSWORD_RESET_NOT_VERIFIED would be nice.

Another option would be verifying the account along with the password reset, in case the user asks for a password reset without being verified. I think this would be even better than the new setting.

Can you make a PR for one of those alternatives?