}
if(sessionContext.getState().equals(SessionState.AUTHENTICATED)) {
if(accountManagement.verifyAccountExists(user)) {
// account exists
accountManagement.changePassword(user, password);
} else {
throw new AccountCreationException("Account does not exist");
}
} else {
if(accountManagement.verifyAccountExists(user)) {