forgot password on a staged account does nothing

app/controllers/session_controller.rb

@@ -192,7 +192,7 @@ class SessionController < ApplicationController
     RateLimiter.new(nil, "forgot-password-min-#{request.remote_ip}", 3, 1.minute).performed!
 
     user = User.find_by_username_or_email(params[:login])
-    user_presence = user.present? && user.id != Discourse::SYSTEM_USER_ID
+    user_presence = user.present? && user.id != Discourse::SYSTEM_USER_ID && !user.staged
     if user_presence
       email_token = user.email_tokens.create(email: user.email)
       Jobs.enqueue(:user_email, type: :forgot_password, user_id: user.id, email_token: email_token.token)

spec/controllers/session_controller_spec.rb

@@ -638,15 +638,28 @@ describe SessionController do
     end
 
     context 'do nothing to system username' do
-      let(:user) { Discourse.system_user }
+      let(:system) { Discourse.system_user }
 
       it 'generates no token for system username' do
-        expect { xhr :post, :forgot_password, login: user.username}.not_to change(EmailToken, :count)
+        expect { xhr :post, :forgot_password, login: system.username}.not_to change(EmailToken, :count)
       end
 
       it 'enqueues no email' do
         Jobs.expects(:enqueue).never
-        xhr :post, :forgot_password, login: user.username
+        xhr :post, :forgot_password, login: system.username
+      end
+    end
+
+    context 'for a staged account' do
+      let!(:staged) { Fabricate(:staged) }
+
+      it 'generates no token for staged username' do
+        expect { xhr :post, :forgot_password, login: staged.username}.not_to change(EmailToken, :count)
+      end
+
+      it 'enqueues no email' do
+        Jobs.expects(:enqueue).never
+        xhr :post, :forgot_password, login: staged.username
       end
     end
   end

spec/fabricators/user_fabricator.rb

@@ -99,3 +99,7 @@ Fabricator(:anonymous, from: :user) do
     user.save!
   end
 end
+
+Fabricator(:staged, from: :user) do
+  staged true
+end