public static User GetByUserNameOrEmail(this DbSet<User> users, string userNameOrEmail, string password)
{
if (userNameOrEmail.Contains('@'))
{
foreach (var user in users.Where(u => u.Email == userNameOrEmail))
{
if (PasswordHash.Validate(password, user.PasswordHash, user.PasswordSalt))
{
return user;
}
}
}
else
{
var user = users.SingleOrDefault(u => u.UserName == userNameOrEmail);
if (user != null && PasswordHash.Validate(password, user.PasswordHash, user.PasswordSalt))
{
return user;
}
}
return null;
}