public IValidationContainer<User> SaveOrUpdate(User user)
        {
            var container = user.GetValidationContainer();
            if (!container.IsValid)
                return container;

            userRepository.SaveOrUpdate(user);
            _unitOfWork.Commit();

            return container;
        }
        protected internal virtual IValidationContainer<User> Authenticate(User account, string password,
            int failedLoginCount, TimeSpan lockoutDuration)
        {
            var container = account.GetValidationContainer();
            if (!container.IsValid)
                return container;

            var result = account.Authenticate(password, failedLoginCount, lockoutDuration);

            if (!result)
                container.ValidationErrors.Add("", new List<string>() {"Unable to authenticate user"});

            this.userRepository.SaveOrUpdate(account);
            _unitOfWork.Commit();

            Tracing.Verbose(String.Format("[UserAccountService.Authenticate] authentication outcome: {0}, {1}, {2}",
                account.Tenant, account.Username, result ? "Successful Login" : "Failed Login"));

            return container;
        }
        public virtual IValidationContainer<User> CreateAccount(string tenant, string username, string password,
            string email, string firstName, string lastName, string phone, string address)
        {
            Tracing.Information(String.Format("[UserAccountService.CreateAccount] called: {0}, {1}, {2}", tenant,
                username, email));

            if (_settings.EmailIsUsername)
            {
                username = email;
            }

            if (!_settings.MultiTenant)
            {
                tenant = _settings.DefaultTenant;
            }

            if (String.IsNullOrWhiteSpace(tenant)) throw new ArgumentException("tenant");
            if (String.IsNullOrWhiteSpace(username)) throw new ArgumentException("username");
            if (String.IsNullOrWhiteSpace(password)) throw new ArgumentException("password");
            if (String.IsNullOrWhiteSpace(email)) throw new ArgumentException("email");
            if (String.IsNullOrWhiteSpace(email)) throw new ArgumentException("firstName");
            if (String.IsNullOrWhiteSpace(email)) throw new ArgumentException("lastName");
            if (String.IsNullOrWhiteSpace(email)) throw new ArgumentException("phone");
            if (String.IsNullOrWhiteSpace(email)) throw new ArgumentException("address");

            ValidatePassword(tenant, username, password);

            var validator = new EmailAddressAttribute();
            if (!validator.IsValid(email))
            {
                Tracing.Verbose(
                    String.Format("[UserAccountService.CreateAccount] Email validation failed: {0}, {1}, {2}", tenant,
                        username, email));

                throw new ValidationException("Email is invalid.");
            }

            if (UsernameExists(tenant, username))
            {
                Tracing.Verbose(String.Format("[UserAccountService.CreateAccount] Username already exists: {0}, {1}",
                    tenant, username));

                var msg = _settings.EmailIsUsername ? "Email" : "Username";
                throw new ValidationException(msg + " already in use.");
            }

            if (EmailExists(tenant, username))
            {
                Tracing.Verbose(String.Format("[UserAccountService.CreateAccount] Email already exists: {0}, {1}, {2}",
                    tenant, username, email));

                throw new ValidationException("Email already in use.");
            }

            var account = new User(tenant, username, password, email)
            {
                FirstName = firstName,
                LastName = lastName,
                Address = address,
                PhoneNumber = phone
            };

            var validation = account.GetValidationContainer();
            if (!validation.IsValid)
                return validation;

            this.userRepository.SaveOrUpdate(account);

            if (this.notificationService != null)
            {
                if (_settings.RequireAccountVerification)
                {
                    this.notificationService.SendAccountCreate(account);
                }
                else
                {
                    this.notificationService.SendAccountVerified(account);
                }
            }

            _unitOfWork.Commit();
            return validation;
        }