Fix User fields

[qgerome]

No description provided.

[lgtm-com]

This pull request introduces 5 alerts and fixes 6 when merging c172b35 into d02ac16 - view on LGTM.com

new alerts:

• 3 for Clear-text logging of sensitive information
• 2 for Use of a broken or weak cryptographic hashing algorithm on sensitive data

fixed alerts:

• 3 for Unused local variable
• 3 for Unused import

[edarchis]

This should be merged into the current release but I'll do some more testing.

LGTM complains about logging of sensitive data: it is the userid/username. It only occurs when there is a failed attempt at changing the username. So I'll stand by the need to log this information.
It also complains about the password hashing function that is not complex enough. It's a SHA256, which is already good but libs like bcrypt will apply it a number of times to make the computation a lot harder. Given that we are still in hybrid mode, we have to maintain the compatibility with the legacy .NET and therefore maintain this hashing. The records are all salted with very long salts, so it's too much of a problem.