public string Login(string email, string password)
{
password = password.EnsureNotNullOrWhiteSpace(nameof(password));
var user = Get(email);
var passwordHash = CryptoHash.Pbkdf2Hash(password, user.PasswordSalt.ParseBase64String()).GetBase64String();
if (passwordHash.IsOrdinalEqual(user.PasswordHash, true))
{
return(JwtService.GenerateToken(user));
}
else
{
throw new BusinessException("Email or password is not correct.");
}
}
public void Logout(string session)
{
JwtService.RemoveSession(session);
}