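/// <summary>
        /// Checks the supplied credentials against the account data service and,
        /// when they match, records the login time for the account.
        /// </summary>
        /// <param name="user">Carrier for the submitted <c>UserName</c> and <c>Password</c>.</param>
        /// <param name="transaction">
        /// Receives the outcome: <c>ReturnStatus</c> is true only after the last-login
        /// update has been committed; failures add a message and leave it false.
        /// </param>
        /// <returns>
        /// The user returned by the data service on success; <c>null</c> when the
        /// credentials are rejected or any step throws.
        /// </returns>
        public async Task<User> Login(User user, TransactionInformation transaction)
        {
            // Kept separate from the incoming object so that a failure can never hand the
            // caller-supplied credentials back as if they were an authenticated account.
            User authenticatedUser = null;

            try
            {
                _accountDataService.CreateSession();

                // NOTE(review): the password is passed on exactly as received; whether it is
                // hashed and compared safely inside the data service is not visible here - confirm.
                authenticatedUser = _accountDataService.Login(user.UserName, user.Password);

                if (authenticatedUser != null)
                {
                    _accountDataService.BeginTransaction();
                    _accountDataService.UpdateLastLogin(authenticatedUser);
                    await _accountDataService.CommitTransaction(true);
                    transaction.ReturnStatus = true;
                }
                else
                {
                    // One message for both "unknown user" and "wrong password", so the
                    // response does not reveal which account names exist.
                    transaction.ReturnStatus = false;
                    transaction.ReturnMessage.Add("Invalid login or password.");
                }
            }
            catch (Exception ex)
            {
                // Fail closed: an exception (including a null 'user' argument) must not look
                // like a successful login to a caller that only inspects the return value.
                authenticatedUser = null;
                transaction.ReturnStatus = false;

                // NOTE(review): presumably this text reaches the client; confirm that
                // AddExceptionMessage does not expose stack traces or data-layer details.
                transaction.AddExceptionMessage(ex);
            }
            finally
            {
                _accountDataService.CloseSession();
            }

            return authenticatedUser;
        }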
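        /// <summary>
        /// Short-circuits the action with a 400 response unless the request carries
        /// <c>X-Requested-With: XMLHttpRequest</c> and the current principal is authenticated.
        /// </summary>
        /// <param name="actionContext">Context of the Web API action about to run.</param>
        public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext)
        {
            var request = actionContext.Request;
            var headers = request.Headers;
            string denialMessage = null;

            // The header value is chosen by the client, so this check is not authentication.
            // It only filters out requests that were not sent by script (for example a plain
            // cross-site form post); the identity check below is what gates access.
            bool isAjaxRequest = headers.Contains("X-Requested-With")
                && headers.GetValues("X-Requested-With").FirstOrDefault() == "XMLHttpRequest";

            if (!isAjaxRequest)
            {
                denialMessage = "Access has been denied.";
            }
            else
            {
                // A missing context, principal or identity is treated as "not authenticated"
                // so the filter denies the request instead of throwing a NullReferenceException.
                HttpContext ctx = HttpContext.Current;
                bool isAuthenticated = ctx != null
                    && ctx.User != null
                    && ctx.User.Identity != null
                    && ctx.User.Identity.IsAuthenticated;

                if (!isAuthenticated)
                {
                    denialMessage = "Your session has expired.";
                }
            }

            if (denialMessage != null)
            {
                // NOTE(review): both denials answer 400 Bad Request; 401 would be the
                // conventional status for an unauthenticated caller. Left unchanged because
                // existing clients may depend on the current status code.
                TransactionInformation transactionInformation = new TransactionInformation();
                transactionInformation.ReturnMessage.Add(denialMessage);
                transactionInformation.ReturnStatus = false;
                actionContext.Response = request.CreateResponse(HttpStatusCode.BadRequest, transactionInformation);
            }
        }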
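        /// <summary>
        /// Normalises the user's names, runs the business-rule validation and, when it
        /// passes, stores the new account inside a committed transaction.
        /// </summary>
        /// <param name="user">Account to register; its <c>FirstName</c> and <c>LastName</c> are rewritten in place.</param>
        /// <param name="confirmationPassword">Second password entry, validated together with <c>user.Password</c>.</param>
        /// <param name="transaction">
        /// Receives the outcome: a success message after the commit, the validation
        /// status, messages and errors when a rule fails, or the exception message when a step throws.
        /// </param>
        /// <returns>The same <paramref name="user"/> instance in every case; check <c>transaction.ReturnStatus</c> for the outcome.</returns>
        public async Task<User> RegisterUser(User user, string confirmationPassword, TransactionInformation transaction)
        {
            try
            {
                // Done inside the try so that a null name surfaces as a reported failure
                // on the transaction rather than an unhandled exception.
                user.FirstName = Utilities.UppercaseFirstLetter(user.FirstName.Trim());
                user.LastName = Utilities.UppercaseFirstLetter(user.LastName.Trim());

                _accountDataService.CreateSession();

                _businessRules.ValidateUser(user);
                _businessRules.ValidatePassword(user.Password, confirmationPassword);

                if (_businessRules.ValidationStatus)
                {
                    // NOTE(review): whether the password is hashed before it is stored is
                    // decided inside the data service and is not visible here - confirm.
                    _accountDataService.BeginTransaction();
                    _accountDataService.RegisterUser(user);
                    await _accountDataService.CommitTransaction(true);
                    transaction.ReturnStatus = true;
                    transaction.ReturnMessage.Add("User registered successfully.");
                }
                else
                {
                    transaction.ReturnStatus = _businessRules.ValidationStatus;
                    transaction.ReturnMessage = _businessRules.ValidationMessage;
                    transaction.ValidationErrors = _businessRules.ValidationErrors;
                }
            }
            catch (Exception ex)
            {
                // Fail closed: a registration that threw is reported as unsuccessful
                // regardless of what the transaction's status held before.
                transaction.ReturnStatus = false;

                // NOTE(review): presumably this text reaches the client; confirm that
                // AddExceptionMessage does not expose stack traces or data-layer details.
                transaction.AddExceptionMessage(ex);
            }
            finally
            {
                _accountDataService.CloseSession();
            }

            // NOTE(review): the returned object still carries user.Password; verify the
            // caller does not serialise it back to the client.
            return user;
        }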