Your 2nd if statements terminate with ;
that is a valid statement. and you are throwing an exception in the next block , that is why the error.
if(!getApi().checkSecurePassword(session, dbPword, pass));
The above if statement terminates with semicolon which is a valid statement, and if statement will act on it, Your other part of the code is executing irrespective of the if statement and that is throwing an exception at the end.
{
SFSErrorData errorData = new SFSErrorData(SFSErrorCode.LOGIN_BAD_PASSWORD);
errorData.addParameter(email);
throw new SFSLoginException("Bad password for user: "+ email, errorData);
}
That is why you are getting the error because your line session.setProperty("DatabaseID", dbId);
would never reach.