public void Handle(LoginCommand command)
        {
            User user = _authRepository.FindUserByUserName(command.Username);

            if (string.IsNullOrEmpty(command.Password) || string.IsNullOrEmpty(command.Username))
            {
                _authRepository.Add(LoginAttempt.Failed(command.AttemptId, "Invalid credentials"));
                return;
            }

            if (user == null)
            {
                _authRepository.Add(LoginAttempt.Failed(command.AttemptId, "User not found"));
                return;
            }

            if (!_hasher.CompareHash(command.Password, user.Password, user.PasswordSalt))
            {
                _authRepository.Add(LoginAttempt.Failed(command.AttemptId, "Invalid password", user));
                return;
            }

            _authRepository.Add(LoginAttempt.Successful(command.AttemptId, user));
        }