public Session GetSession(int id, int userId, string username, string password, DateTime createdDate, DateTime lastActiveAt)
{
if (username == "")
{
throw new Exception("empty username");
}
if (password == "")
{
throw new Exception("empty password");
}
using (var conn = _dbConnection.GetConnection())
{
var user = _userDataAccess.CheckUserCredentials(conn, id, username, password, createdDate, lastActiveAt);
if (user.Password != password)
{
throw new Exception("wrong credentials");
}
var session = _sessionDataAccess.CreateSession(conn, user.Id, userId, lastActiveAt);
return(session);
}
}
