Description
Is your feature request related to a problem? Please describe.
When using local password authentication, if you forget your password, the only way to reset it via email verification is from the sign-in screen. What sometimes happens is that the user opens MAS in a private browser window, clicks "Forgot password?", enters their email, and just clicks the link from their inbox, which opens in their non-private browser that is already signed into their account, resulting in this error message:
Error: [{"message":"Account recovery is only for anonymous users.","locations":[{"line":3,"column":3}],"path":["setPasswordByRecovery"]}]
Describe the solution you'd like
Allow resetting your password while signed in. Also put a "Forgot password?" next to "Change password" on the account settings page.
Describe alternatives you've considered
You can just sign out, or make sure you also open the email verification link in your private window, but this adds additional friction for users. I don't believe there are any security reasons to only allow password reset via email verification while signed out?
Additional context
n/a