Invalid tokens for password reset

Steps to reproduce

1. Log out
2. Ask password reset for any user (tested with 2 different ones)
3. Correctly receive email with reset link
4. Go to the reset form (successfully)
5. Enter a new password, click "Submit"

Note that I'm aware this bug may be specific to my instance (https://funk.firobe.fr), but I don't know why it would be the case yet.

What happens?

The UI reports: "Error while changing your password Invalid value"

Analyzing the answer from the server yields a 400 Bad Request reponse, with the payload

{"token": "Invalid value"}

The token sent by the request is the one transmitted in the e-mail as expected.

funkwhale-server just reports a bad request on the endpoint

What is expected?

The token sent by email is accepted by the API to reset the password.

Context

Funkwhale version(s) affected: 1.3.1+git.cc7fde67
Instance configuration: non-docker, nginx