User user = AuthResource.findUser(UserGuard.this.db,identifier);
if (user==null) {
getContext().getLogger().info("No such user.");
return Verifier.RESULT_INVALID;
}
if (secret!=null && user.checkPassword(new String(secret))) {
getContext().getLogger().info("Authentication succeeded, checking permissions");
if (permission!=null) {
if (!user.hasPermission(permission)) {
getContext().getLogger().info("User does not have permission "+permission.getName()+","+permission.getUUID());
return Verifier.RESULT_INVALID;