public AuthResult Authenticate(string phoneNumber, string password)
{
AuthResult result = AuthResult.WrongCreadentials;
User user = _usersRepository.GetUserByPhone(phoneNumber);
if (user != null)
{
bool isPasswordValid = _passwordValidator.IsPasswordValid(password, user);
bool hasRights = _passwordValidator.HasRights(user);
if (isPasswordValid && hasRights)
{
FormsAuthentication.SetAuthCookie(phoneNumber, false);
CurrentUser.Instance.Name = user.Username;
result = AuthResult.Success;
}
else
{
if (isPasswordValid)
{
result = AuthResult.NoRights;
}
}
}
return(result);
}