Merge #3424

3424: Fix #3411 (backport #3423) r=mergify[bot] a=mergify[bot]

## What type of PR?

bug-fix

## What does this PR do?

Ensure we don't nuke all web-sessions when a password is changed.
This was reported with the command line but I suspect the API is affected too.

### Related issue(s)
- close #3411 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
<hr>This is an automatic backport of pull request #3423 done by [Mergify](https://mergify.com).

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>

core/admin/mailu/models.py

@@ -637,7 +637,7 @@ in clear-text regardless of the presence of the cache.
 set() containing the sessions to keep
         """
         self.password = password if raw else User.get_password_context().hash(password)
-        if keep_sessions is not True:
+        if keep_sessions is not True and self.email is not None:
             utils.MailuSessionExtension.prune_sessions(uid=self.email, keep=keep_sessions)
 
     def get_managed_domains(self):

towncrier/newsfragments/3411.bugfix

@@ -0,0 +1 @@
+Ensure we do not nuke all web-sessions when a password is changed using the command line