public Task <string> AuthenticateUser(string username, string password)
        {
            return(Task.Run(() =>
            {
                User user = _userQueryProcessor.GetAllUsers().FirstOrDefault(u => u.Username == username && u.Password == password);

                // return null if user not found.
                if (user == null)
                {
                    return null;
                }

                // authentication successful so generate and return jwt token.
                var tokenDescriptor = new SecurityTokenDescriptor
                {
                    Subject = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, user.Id.ToString()) }),
                    Expires = DateTime.UtcNow.AddMinutes(10),
                    SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(_jwtKeyByte), SecurityAlgorithms.HmacSha256Signature)
                };

                var tokenHandler = new JwtSecurityTokenHandler();

                return tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor));
            }));
        }