Password recovery for superadmin fails

[stj-mv]

Problem: Requesting a password-recovery at login for a superadmin generates a confirmation token and sends correctly the mail. Trying to open the provided link gives error (Token not found or expired)

Reason: The token is not saved in the database. While recovering a password the user isn't authenticated (isGuest) and in models\User beforeSave does not allow to save a superadmin-record for non-superadmin user.

[webvimark]

Hmmm, thank you for pointing at this problem, I'll think hot to fix it