public virtual User ValidateUser(string userName, string password, string role) { // TO DO: implement a custom UserException to display custom error message User validatedUser = null; try { AppLogger.logInfo(this.ToString(), "Begin validating user."); validatedUser = Repository.Get(user => user.user_name.Equals(userName, StringComparison.InvariantCultureIgnoreCase) && user.role.Equals(role, StringComparison.InvariantCultureIgnoreCase) && !user.deleted); if (validatedUser != null) { if (PasswordServiceProvider.Match(userName.ToLowerInvariant(), password, validatedUser.password)) { AppLogger.logInfo(this.ToString(), string.Format("User name & Password matched.")); } else { validatedUser = null; AppLogger.logInfo(this.ToString(), string.Format("User name & Password not matched.")); System.Windows.Forms.MessageBox.Show("Mật khẩu không chính xác.", Constants.Messages.ERROR_CAPTION, System.Windows.Forms.MessageBoxButtons.OK, System.Windows.Forms.MessageBoxIcon.Error); } } else { AppLogger.logInfo(this.ToString(), string.Format("User does not exist.")); System.Windows.Forms.MessageBox.Show("Tên người dùng không tồn tại.", Constants.Messages.ERROR_CAPTION, System.Windows.Forms.MessageBoxButtons.OK, System.Windows.Forms.MessageBoxIcon.Error); } AppLogger.logInfo(this.ToString(), string.Format("Finish validating user.", userName)); } catch (Exception ex) { AppLogger.logError(this.ToString(), "Error occurs when validating user.", ex); System.Windows.Forms.MessageBox.Show(Constants.Messages.ERROR_OPERATION_NOT_PERFORMED, Constants.Messages.ERROR_CAPTION, System.Windows.Forms.MessageBoxButtons.OK, System.Windows.Forms.MessageBoxIcon.Error); } return(validatedUser); }