public string Login(string email, string password) { password = password.EnsureNotNullOrWhiteSpace(nameof(password)); var user = Get(email); var passwordHash = CryptoHash.Pbkdf2Hash(password, user.PasswordSalt.ParseBase64String()).GetBase64String(); if (passwordHash.IsOrdinalEqual(user.PasswordHash, true)) { return(JwtService.GenerateToken(user)); } else { throw new BusinessException("Email or password is not correct."); } }
public void Logout(string session) { JwtService.RemoveSession(session); }