Refactor the users class into their own files, add a common base class for federated users and add a verify_credentials method which only does the verification, without the linking. We use this in the superuser verification pass

endpoints/api/user.py

@@ -395,7 +395,7 @@ def conduct_signin(username_or_email, password):
 
   verified = None
   try:
-    (verified, error_message) = authentication.verify_user(username_or_email, password)
+    (verified, error_message) = authentication.verify_and_link_user(username_or_email, password)
   except model.user.TooManyUsersException as ex:
     raise license_error(exception=ex)
 
@@ -457,7 +457,7 @@ class ConvertToOrganization(ApiResource):
     # Ensure that the sign in credentials work.
     admin_username = convert_data['adminUser']
     admin_password = convert_data['adminPassword']
-    (admin_user, _) = authentication.verify_user(admin_username, admin_password)
+    (admin_user, _) = authentication.verify_and_link_user(admin_username, admin_password)
     if not admin_user:
       raise request_error(reason='invaliduser',
                           message='The admin user credentials are not valid')