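/// <summary>
/// Registers a new user together with its login account.
/// Hashes the supplied password, stores a <c>User</c> built from the registration's
/// full name, then stores an <c>Account</c> (fresh id, the registration's username,
/// a newly constructed <c>AccountRoles</c>) along with the password hash and the
/// new user's id.
/// </summary>
/// <param name="accountRegistration">Registration data; its FullName, Username and Password are read.</param>
public void CreateAccount(AccountRegistration accountRegistration)
{
    // Hash before any repository write: if hashing fails (for example because
    // Password is null), nothing has been persisted yet, so no User is left
    // behind without a matching Account.
    // NOTE(review): Hasher is not visible here. Confirm it applies a per-password
    // random salt and a deliberately slow KDF (PBKDF2/bcrypt/scrypt/Argon2) rather
    // than a single fast hash.
    // NOTE(review): Password.ToString() presumably yields the plaintext. Confirm
    // the Password type is never passed to logging or string formatting.
    SaltedHash passwordHash = new Hasher().Hash(accountRegistration.Password.ToString());

    var user = new User(UserId.New, accountRegistration.FullName);
    _userRepository.CreateUser(user);

    // NOTE(review): the two writes are still not atomic from this method's point
    // of view. If CreateAccount throws (a duplicate username, say), the User
    // stored just above remains. Confirm the caller runs this inside a
    // transaction or unit of work.
    var account = new Account(AccountId.New, accountRegistration.Username, new AccountRoles());
    _accountRepository.CreateAccount(account, passwordHash, user.Id);
}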
        /// <summary>
        /// Checks a username/password pair against the stored account data.
        /// </summary>
        /// <param name="username">Username used to look the account up.</param>
        /// <param name="password">Candidate password, compared with the account's stored salted hash.</param>
        /// <returns>
        /// <c>UsernameNotFound</c> when no account matches the username;
        /// <c>IncorrectPassword</c> carrying the updated failed-attempt count when the
        /// password does not match; otherwise <c>Success</c> with the account.
        /// </returns>
        /// <remarks>
        /// NOTE(review): unknown-username and wrong-password outcomes are distinguishable
        /// in the result, and the unknown-username path returns before any hashing is
        /// done, so it may also respond faster. Callers should present one generic
        /// failure to the client so that valid usernames are not revealed.
        /// NOTE(review): this method increments the failed-attempt counter but neither
        /// checks it before verifying the password nor resets it on success. Confirm
        /// that lockout/throttling and counter reset are enforced elsewhere.
        /// </remarks>
        public LoginAttemptResult Authenticate(Username username, Password password)
        {
            // Postcondition: a result reporting success always carries a non-null account.
            Contract.Ensures(
                Contract.Result<LoginAttemptResult>().Succeeded == false ||
                Contract.Result<LoginAttemptResult>().Account != null);

            Account matchedAccount = _accountRepository.FindAccount(username);
            if (matchedAccount == null) {
                return LoginAttemptResult.UsernameNotFound();
            }

            SaltedHash storedHash = _accountRepository.GetAccountPassword(matchedAccount.AccountId);

            // NOTE(review): Hasher.Matches is not visible here. Confirm it compares
            // the derived hash in constant time.
            if (new Hasher().Matches(password.ToString(), storedHash)) {
                return LoginAttemptResult.Success(matchedAccount);
            }

            // Wrong password: record the failure and report the running total.
            int failuresSoFar = _accountRepository.IncrementFailedLoginAttemptCount(matchedAccount.AccountId);
            return LoginAttemptResult.IncorrectPassword(failuresSoFar);
        }