public async Task <User> Login(string username, string password)
{
var user = await Load(username);
if (user == null)
{
throw new AuthenticationFailedException();
}
if (user.UserStateId == UserStates.Disabled)
{
throw new AuthenticationFailedException();
}
var inputPasswordHash = _hasher.Hash(password, user.PasswordSalt);
if (!_hasher.AreEquals(user.PasswordHash, inputPasswordHash))
{
throw new AuthenticationFailedException();
}
return(user);
}
