public SimpleAuthResult <TokenEntity> UserCrendentialLogin(string username, string password) { using (var context = new SimpleUserDbContext()) { var tryFindUser = context.LoginUser.FirstOrDefault(x => x.UserName == username); if (tryFindUser == null) { return(SimpleAuthResult <TokenEntity> .Fail(string.Format("user name with '{0}' is not found .", username))); } var hashedPassword = HashPassword(password); if (tryFindUser.PasswordHash != hashedPassword) { return(SimpleAuthResult <TokenEntity> .Fail("user password is not correct")); } if (_isSso) { _provider.RemoveTokenFor(tryFindUser.Id); } ////issue a new token for password login var newToken = _provider.CreateNew(tryFindUser.Id); return(SimpleAuthResult <TokenEntity> .Success(newToken)); } }