public User Create(User user, string password) { if (user == null || string.IsNullOrWhiteSpace(password)) { throw new Exception("Password is required"); } if (_userDataAccess.UserExists(user.Email)) { throw new Exception($"Username {user.Email} is already taken"); } byte[] passwordHash, passwordSalt; CreatePasswordHash(password, out passwordHash, out passwordSalt); user.PasswordHash = passwordHash; user.PasswordSalt = passwordSalt; _userDataAccess.AddUser(user); _userDataAccess.Commit(); return(user); }