public void Handle(LoginCommand command)
{
User user = _authRepository.FindUserByUserName(command.Username);
if (string.IsNullOrEmpty(command.Password) || string.IsNullOrEmpty(command.Username))
{
_authRepository.Add(LoginAttempt.Failed(command.AttemptId, "Invalid credentials"));
return;
}
if (user == null)
{
_authRepository.Add(LoginAttempt.Failed(command.AttemptId, "User not found"));
return;
}
if (!_hasher.CompareHash(command.Password, user.Password, user.PasswordSalt))
{
_authRepository.Add(LoginAttempt.Failed(command.AttemptId, "Invalid password", user));
return;
}
_authRepository.Add(LoginAttempt.Successful(command.AttemptId, user));
}