public User Login(string email, string password) { var response = new User(); // response.Id = 1; // response.Email = "*****@*****.**"; // response.Name = "Fernando José"; // return response; using (SqlConnection conn = new SqlConnection(ConnectionString())) { using (var cmd = new SqlCommand()) { cmd.Connection = conn; cmd.CommandText = _userSql.SqlLogin(); cmd.CommandType = CommandType.Text; cmd.Parameters.AddWithValue("@Email", GetDbValue(email)); cmd.Parameters.AddWithValue("@Password", GetDbValue(password)); conn.Open(); using (DbDataReader dr = cmd.ExecuteReader()) { if (dr.Read()) { response.Id = Convert.ToInt32(dr["Id"].ToString()); response.Name = dr["Name"].ToString(); response.Email = dr["Email"].ToString(); response.Password = dr["Password"].ToString(); } } } } return(response); }