public void CheckLoginAndPassword(UserDto user, out bool isLoginValid, out bool isPasswordValid) { if (user == null) { throw new ArgumentNullException(); } if (user.Login == null) { throw new DtoValidationException("Login is null"); } if (user.Passwod == null) { throw new DtoValidationException("Passwod is null"); } User userDb; try { using (IUnitOfWork unitOfWork = _unitOfWorkFactory.GetUnitOfWork()) { userDb = unitOfWork.UserRepository.GetByLogin(user.Login); } } catch (Exception ex) { throw new DomainModelException("watch inner exception", ex); } if (userDb == null) { isLoginValid = false; isPasswordValid = false; return; } isLoginValid = true; string passwordHash = _securityProvider.ComputeHash(user.Passwod, userDb.PasswordSalt); isPasswordValid = passwordHash == userDb.PasswordHash; }