Add password validation for user with unverified email

[mtrezza]

New Feature / Enhancement Checklist

• I am not disclosing a vulnerability.
• I am not just asking a question.
• I have searched through existing issues.

Current Limitation

It's currently not possible to verify a user password if email verification is required and the user's email has not been verified. Even when using the master key, a request to REST API /verifyPassword fails with Parse error 205.

Feature / Enhancement Description

Introduce new request option ignoreEmailVerification that together with the master or maintenance key allows to verify a user password ignoring the email verification status.

Example Use Case

It may be necessary to verify a user password irrespective of email verification status, for example to allow a user to change an incorrectly entered email that could not be verified because it is incorrect. A developer can write a Cloud Function that does just that.

Alternatives / Workarounds

Use maintenance key and compare hashed passwords, which is discouraged for many reasons.

[parse-github-assistant]

Thanks for opening this issue!

• 🎉 We are excited about your ideas for improvement!