public async Task <string> AuthenticateAsync(string username, string password) { try { var enhancedHashPassword = _cryptService.EncodePassword(password); var user = await this.TryGetUserAsync(username); var isPasswordVerified = _cryptService.VerifyPassword(password, enhancedHashPassword); // return null if user not found if (user == null || !isPasswordVerified) { throw new UserServiceException("User or password is incorrect"); } return(GetAuthenticateUserWithTokenAsync(user)); } catch (CryptServiceException cryptServiceException) { throw new BusinessLogicException(cryptServiceException.Message, cryptServiceException); } }