public override string ExtendedValidateUser(string userNameOrEmail, string password)
 {
     if (string.IsNullOrEmpty(userNameOrEmail))
     {
         throw CreateArgumentNullOrEmptyException("userNameOrEmail");
     }
     if (string.IsNullOrEmpty(password))
     {
         throw CreateArgumentNullOrEmptyException("password");
     }
     using (WebApp4Context context = new WebApp4Context())
     {
         User user = null;
         user = context.User.FirstOrDefault(Usr => Usr.Username == userNameOrEmail);
         if (user == null)
         {
             user = context.User.FirstOrDefault(Usr => Usr.Email == userNameOrEmail);
         }
         if (user == null)
         {
             return(string.Empty);
         }
         if (!user.IsConfirmed)
         {
             return(string.Empty);
         }
         dynamic hashedPassword        = user.Password;
         bool    verificationSucceeded = (hashedPassword != null && CodeFirstCrypto.VerifyHashedPassword(hashedPassword, password));
         if (verificationSucceeded)
         {
             user.PasswordFailuresSinceLastSuccess = 0;
         }
         else
         {
             int failures = user.PasswordFailuresSinceLastSuccess;
             if (failures != -1)
             {
                 user.PasswordFailuresSinceLastSuccess += 1;
                 user.LastPasswordFailureDate           = DateTime.Now;
             }
         }
         context.SaveChanges();
         if (verificationSucceeded)
         {
             return(user.Username);
         }
         else
         {
             return(string.Empty);
         }
     }
 }
 public override bool ChangePassword(string userName, string oldPassword, string newPassword)
 {
     if (string.IsNullOrEmpty(userName))
     {
         throw CreateArgumentNullOrEmptyException("userName");
     }
     if (string.IsNullOrEmpty(oldPassword))
     {
         throw CreateArgumentNullOrEmptyException("oldPassword");
     }
     if (string.IsNullOrEmpty(newPassword))
     {
         throw CreateArgumentNullOrEmptyException("newPassword");
     }
     using (WebApp4Context context = new WebApp4Context())
     {
         dynamic user = context.User.FirstOrDefault(Usr => Usr.Username == userName);
         if (user == null)
         {
             return(false);
         }
         dynamic hashedPassword        = user.Password;
         bool    verificationSucceeded = (hashedPassword != null && CodeFirstCrypto.VerifyHashedPassword(hashedPassword, oldPassword));
         if (verificationSucceeded)
         {
             user.PasswordFailuresSinceLastSuccess = 0;
         }
         else
         {
             int failures = user.PasswordFailuresSinceLastSuccess;
             if (failures != -1)
             {
                 user.PasswordFailuresSinceLastSuccess += 1;
                 user.LastPasswordFailureDate           = DateTime.Now;
             }
             context.SaveChanges();
             return(false);
         }
         dynamic newhashedPassword = CodeFirstCrypto.HashPassword(newPassword);
         if (newhashedPassword.Length > 128)
         {
             throw new ArgumentException("Password too long");
         }
         user.Password            = newhashedPassword;
         user.PasswordChangedDate = DateTime.Now;
         context.SaveChanges();
         return(true);
     }
 }