public void LogSuccess(LoginRequest request, Audit audit)
        {
            _repository.Update(audit);

            var history = _session.Load<LoginFailureHistory>(request.UserName);
            if (history != null)
            {
                _session.Delete(history);
            }
        }
        public void LogFailure(LoginRequest request, Audit audit)
        {
            if (request.UserName.IsEmpty()) return;

            _repository.Update(audit);

            var history = _session.Load<LoginFailureHistory>(request.UserName) ?? new LoginFailureHistory
            {
                Id = request.UserName
            };

            history.Attempts = request.NumberOfTries;
            history.LockedOutTime = request.LockedOutUntil;

            _session.Store(history);
        }