Add `beforePasswordResetRequest` trigger

[mtrezza]

trafficstars

New Feature / Enhancement Checklist

• Report security issues confidentially.
• Any contribution is under this license.
• Before posting search existing issues.

Current Limitation

There is no way to add any conditions before the password reset request endpoint. This is important to mitigate sending emails to invalid email addresses to protect the IP reputation of the sender.

Feature / Enhancement Description

Add Cloud Code trigger to allow adding conditions and validations.

Example Use Case

1. User invokes password reset request with invalid email address.
2. In beforePasswordResetRequest trigger, the email address is validated and an error is thrown.

Alternatives / Workarounds

Add logic to email adapter, but at that point all the token generation and storage in DB has been done already, as sending the email is only the last step.