private void handleUser(ISFSEvent event) { trace("Registered user logged in", userName); DBCollection users = AuthorizeExtension.users; BasicDBObject query = new BasicDBObject(); query.put("email", userName); DBCursor cursor = users.find(query); if (!cursor.hasNext()) { trace("user not found"); return; } document = cursor.next(); String password_digest = (String) document.get("password_digest"); if (!getApi().checkSecurePassword(session, password_digest, cryptedPass)) { trace("password wrong"); return; } document.put("session", generateSession); users.update(query, document); isRegistered = true; }