Inform user that email is invalid using Django's Password Reset

Question

I am using the built-in django password reset functionality. The documentation states:

If the email address provided does not exist in the system, thi

Answer 1

For later versions of Django such as Django 2.1 there is a similar question with slightly modified code.

#forms.py
from django.contrib.auth.forms import PasswordResetForm

class EmailValidationOnForgotPassword(PasswordResetForm):

    def clean_email(self):
        email = self.cleaned_data['email']
        if not User.objects.filter(email__iexact=email, is_active=True).exists():
            msg = _("There is no user registered with the specified E-Mail address.")
            self.add_error('email', msg)
        return email

And

#urls.py
from accounts.forms import EmailValidationOnForgotPassword

path('accounts/password_reset/', auth_views.PasswordResetView.as_view(form_class=EmailValidationOnForgotPassword), name='password_reset'),

Please be aware that this can be used to obtain usernames/e-mails. One way to reduce this issue is to respond with a 429 Too Many Requests as soon an user tries 3 different E-Mails. This can be achived using for example django-ratelimit