Exceptions

Exceptions or validation?

Hey Guru, I need your help! Studying the principle "TTUK - Fat Stupid Ugly Controllers" I decided to make all controllers using services. Here a problem arose.
Example: suppose the login process in theory should look like this
in the controller

$auth_service = new AuthService();

        try {
            $auth_service->auth($email, $password);
        } catch (ServiceException $e) {
            switch ($e->getCode()) {
                case ServiceException::NOT_FOUND_EMAIL:
                    return;
                case ServiceException::NOT_CORRECT_PASSWORD:
                    return;
                default:
                    throw $e;
            }
        }

in service

public function auth(string $email, string $password)
    {
        if ($this->isEmailNotExists($email)) {
            throw new ServiceException('Email not exists', ServiceException::NOT_FOUND_EMAIL);
        }

        $profile = Profile::firstFromEmail($email);

        if ($this->isPasswordNotCorrect($profile, $password)) {
            throw new ServiceException('Password not correct', ServiceException::NOT_CORRECT_PASSWORD);
        }

        /* логика с сессиями */
    }

However, it is not entirely clear whether it would be right to make exceptions in the controller or still first ask the service about the existence of soap, for example?
Whereas if I have everything right now, then it turns out if suddenly somewhere else, in a different way, you need to implement login, then you will have to create a separate someAuth method where, for example, sessions are not needed and you need to send a login message.
But if I'm doing it wrong and it's better to check before starting to work with the service, then it turns out I don't go far from TTUK .