/// <summary>
        /// Registers a new web account for the supplied e-mail address and password.
        /// </summary>
        /// <param name="parameters">
        /// Registration input. This method reads <c>EmailAddress</c> and <c>RequestedPassword</c>
        /// and hands the whole object to <c>WebAccount.RegisterNewAccount</c>.
        /// </param>
        /// <returns>
        /// Error code 1 when an e-mail reference already exists for the address, error code 2 when
        /// the requested password is null, empty or whitespace, otherwise the success result.
        /// </returns>
        public virtual RenderJsonResult RegisterNewWebAccount(RegisterNewAccountParameters parameters)
        {
            // The reference document id is derived from the e-mail address, so loading it doubles
            // as the "is this address already taken?" lookup.
            // NOTE(review): EmailAddress is not checked for null or format here; confirm that
            // model validation runs before this action.
            var emailReferenceId = DocumentSession.GetEntityIdFromValue<WebAccountEmailReference>(parameters.EmailAddress);
            var emailAlreadyRegistered = DocumentSession.Load<WebAccountEmailReference>(emailReferenceId) != null;

            if (emailAlreadyRegistered || string.IsNullOrWhiteSpace(parameters.RequestedPassword))
            {
                // Reset the session before rejecting, presumably so nothing tracked is persisted.
                DocumentSession.Advanced.Clear();

                // NOTE(review): code 1 tells the caller that the address is registered. If that
                // disclosure matters for this site, throttle this endpoint or answer uniformly.
                // NOTE(review): only an empty password is rejected here although the message
                // mentions matching; no confirmation field or strength rule is compared in this
                // method, so confirm both are enforced elsewhere.
                return emailAlreadyRegistered
                    ? this.RenderJsonErrorCode(1, "An account already exists with this e-mail address.")
                    : this.RenderJsonErrorCode(2, "A password is required, both passwords must match");
            }

            var account = WebAccount.RegisterNewAccount(parameters);

            // NOTE(review): ChangePassword receives the plaintext; confirm it stores a salted,
            // slow password hash rather than the raw value.
            account.ChangePassword(parameters.RequestedPassword);
            DocumentSession.Store(account);

            // Tie the e-mail-derived id to the new account so Login can resolve address -> account.
            // NOTE(review): the lookup above and these Store calls are not atomic as written, and
            // no SaveChanges call is visible here; presumably the caller commits and the reference
            // id acts as the uniqueness key at commit time. Confirm.
            var emailReference = new WebAccountEmailReference(emailReferenceId, account.Id);
            DocumentSession.Store(emailReference);

            // TODO: Publish event for e-mail notification
            return this.RenderJsonSuccessErrorCode();
        }
        /// <summary>
        /// Authenticates a web account by e-mail address and password and issues the forms
        /// authentication cookie on success.
        /// </summary>
        /// <param name="emailAddress">Address used to resolve the account through its e-mail reference.</param>
        /// <param name="password">Candidate password, checked with <c>WebAccount.PasswordMatches</c>.</param>
        /// <param name="persist">Passed to <c>FormsAuthentication.SetAuthCookie</c> as the persistent-cookie flag.</param>
        /// <param name="returnUrl">Requested post-login target; only honoured when it is a local URL.</param>
        /// <returns>
        /// Error code 1 for an unknown address, a missing account or a wrong password, error code 2
        /// when the account may not log in, otherwise a JSON payload with a <c>redirect</c> URL.
        /// </returns>
        public virtual RenderJsonResult Login(string emailAddress, string password, bool persist, string returnUrl)
        {
            var emailReferenceId = DocumentSession.GetEntityIdFromValue<WebAccountEmailReference>(emailAddress);
            var emailReference = DocumentSession.Load<WebAccountEmailReference>(emailReferenceId);

            // The account is only loaded when the address resolved to a reference.
            var account = emailReference == null
                ? null
                : DocumentSession.Load<WebAccount>(emailReference.WebAccountId);

            // Unknown address, dangling reference and wrong password all get the same code and
            // message, so the response body does not reveal which addresses are registered.
            // NOTE(review): the unknown-address path skips the account load and password check,
            // so response time may still differ; confirm whether that matters here.
            // NOTE(review): no failed-attempt counter is updated in this method on a mismatch;
            // confirm throttling or lockout is applied elsewhere.
            if (account == null || !account.PasswordMatches(password))
            {
                return this.RenderJsonErrorCode(1, "Bad Username or Password");
            }

            // The lock state is checked only after the password matched, so code 2 is returned
            // only to a caller holding the right password.
            // NOTE(review): this also means a locked account still confirms a correct password;
            // confirm that is intended.
            if (!account.CanLogin())
            {
                return this.RenderJsonErrorCode(2, "Account is locked");
            }

            account.IncrementLogin();

            // The ticket is issued for the account id; persist requests a persistent cookie.
            // NOTE(review): cookie transport flags are not set by this call; confirm the forms
            // authentication configuration requires SSL.
            FormsAuthentication.SetAuthCookie(account.Id, persist);
            SetRoles(account.Roles);

            // Open-redirect guard: returnUrl is echoed back only when it is local to this site,
            // otherwise the client is sent to the public index.
            var redirectTarget = Url.IsLocalUrl(returnUrl) ? returnUrl : Url.Action(MVC.Public.Index());

            return new RenderJsonResult
            {
                Data = new { redirect = redirectTarget }
            };
        }