// code that doesn't work
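        /// <summary>
        /// Looks up a user by user name and returns it only when the supplied password
        /// verifies against the password stored on that user record.
        /// </summary>
        /// <param name="username">User name passed to the "FindUserByUserName" named query.</param>
        /// <param name="password">Password supplied by the caller; it is only handed to <c>encryption.CheckPassword</c>.</param>
        /// <returns>
        /// The matching user, or <c>null</c> when a credential is missing, no user is found,
        /// or the password check fails. All failure cases return the same value, so the
        /// result does not reveal whether the user name exists.
        /// </returns>
        public User FindByCredentials(string username, string password)
        {
            // Fail closed: missing credentials never authenticate and never reach the data store.
            if (string.IsNullOrEmpty(username) || password == null)
            {
                return null;
            }

            // Fetch the record once with the real query and keep the result, so the user that is
            // null-checked is the same object whose password is verified and returned.
            var user = dataStore.FindOneByNamedQuery("FindUserByUserName", username);
            if (user == null)
            {
                return null;
            }

            // The outcome of this check IS the authentication decision; it must not be discarded
            // or replaced by a check on unrelated constants.
            // NOTE(review): argument order (stored value, supplied value) follows the call this
            // method already made - confirm against CheckPassword's signature.
            return encryption.CheckPassword(user.Password, password) ? user : null;
        }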
        public AuthenticationResult Execute(DTOUserCredentials userCredentials)
        {
            var existingUser = _userRepository.GetByEmail(userCredentials.Email,
                                                          includes: new List <string> {
                nameof(User.Permission)
            });

            if (existingUser != null)
            {
                var correctPassword = _encryption.CheckPassword(userCredentials.Password, existingUser.Password);

                if (correctPassword)
                {
                    var tokenHandler = new JwtSecurityTokenHandler();
                    var key          = Encoding.ASCII.GetBytes(_config.JwtSecretKey);

                    var tokenDescriptor = new SecurityTokenDescriptor
                    {
                        Subject = new ClaimsIdentity(new Claim[]
                        {
                            new Claim(ClaimTypes.NameIdentifier, existingUser.Id.ToString()),
                            new Claim(ClaimTypes.Name, existingUser.Name),
                            new Claim(ClaimTypes.Role, existingUser.Permission.Name),
                        }),
                        Expires = DateTime.UtcNow.AddHours(3),

                        SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
                    };

                    var token = tokenHandler.CreateToken(tokenDescriptor);

                    return(new AuthenticationResult {
                        User = existingUser, Token = tokenHandler.WriteToken(token), Permission = existingUser.Permission.Name
                    });
                }
            }
            return(default);