fix(reset-password): use 400 status for invalid token

[Sjoertjuh]

Description

When using the reset password feature, a 500 status error is returned when an invalid token is used. I would expect the error to be a 4xx status, since it is not a server error. Also the message is now converted to "Something went wrong.", which gives no context of what happened.

Example using graphql

mutation{
  resetPasswordUser(token: "invalid_token", password: "password") {
    token
  }
}

Output:

{
  "errors": [
    {
      "extensions": {
        "name": "APIError",
        "statusCode": 500
      },
      "locations": [
        {
          "line": 2,
          "column": 3
        }
      ],
      "message": "Something went wrong.",
      "path": [
        "resetPasswordUser"
      ]
    }
  ],
  "data": {
    "resetPasswordUser": null
  }
}

• [x] I have read and understand the CONTRIBUTING.md document in this repository.

Type of change

• [x] Bug fix (non-breaking change which fixes an issue)

Checklist:

• [x] I have added tests that prove my fix is effective or that my feature works
• [x] Existing test suite passes locally with my changes
• [x] I have made corresponding changes to the documentation (none)