public Session Login(User user) { var foundUser = _userAccess.GetByEmail(user.Email); if (foundUser == null) { return(null); } user.Salt = foundUser.Salt; return(foundUser.Password.Equals(EncryptPassword(user)) ? CreateSession(foundUser) : null); }