Rodauth explicitly does not try to prevent account enumeration. It's basically a lost cause. Even if you made this change to reset password, there would be other ways to enumerate accounts (e.g. try creating an account). Even if you try to handle all of them, it's very likely account enumeration can be done using a timing attack. My advice would be to accept that account enumeration is always possible and you should not take steps to prevent it.
If you are still intent on doing this, you could try:
reset_password_request_error_flash do
set_field_error(login_param, nil)
response.status = 200
set_notice_flash reset_password_email_sent_notice_flash
redirect reset_password_email_sent_redirect
end
I didn't test that, but it may work.
Thanks,
Jeremy