fix(api): silently accept unnecessary user unlock attempt

api/desecapi/templates/unlock.html

@@ -2,7 +2,7 @@
 <html lang="en">
 <head>
     <meta charset="UTF-8">
-    <title>Title</title>
+    <title>Unlock deSEC account</title>
     <script src="https://www.google.com/recaptcha/api.js" async defer></script>
 </head>
 <body>

api/desecapi/views.py

@@ -472,12 +472,14 @@ def unlock(request, email):
         if form.is_valid():
             try:
                 user = User.objects.get(email=email)
-                user.unlock()
-                if not user.dyn:
-                    context = {'token': user.get_token()}
-                    send_token_email(context, user)
+                if user.locked:
+                    user.unlock()
+                    if not user.dyn:
+                        context = {'token': user.get_token()}
+                        send_token_email(context, user)
             except User.DoesNotExist:
-                pass # fail silently, otherwise people can find out if email addresses are registered with us
+                # fail silently, so people can't probe registered addresses
+                pass
 
             return HttpResponseRedirect(reverse('unlock/done'))