public async Task <string> AuthenticateAsync(string username, string password) { var user = await _usersDataAccessor.GetLoginInfo().FirstOrDefaultAsync(x => x.Username == username); if (user != null && string.IsNullOrEmpty(user.Password)) { await _usersDataAccessor.SetPasswordAsync(user.Id, _hashCreator.Create(username, password, user.PasswordSalt)); return(_tokenProvider.Get(user)); } if (user == null || user.Password != _hashCreator.Create(username, password, user.PasswordSalt)) { throw new AuthException(ErrorMessages.Login_AuthError); } return(_tokenProvider.Get(user)); }