private static string AuthenticateUser(int userId, int organizationId, bool storeInfo, bool isBackDoor = false)
        {
            string    result    = string.Empty;
            LoginUser loginUser = new LoginUser(UserSession.ConnectionString, userId, organizationId, null);
            User      user      = Users.GetUser(loginUser, userId);
            string    deviceID  = GetDeviceID();

            TSAuthentication.Authenticate(user, isBackDoor, deviceID);
            if (!isBackDoor)
            {
                LoginAttempts.AddAttempt(loginUser, userId, true, HttpContext.Current.Request.UserHostAddress, HttpContext.Current.Request.Browser, HttpContext.Current.Request.UserAgent, deviceID);
                System.Web.HttpBrowserCapabilities browser = HttpContext.Current.Request.Browser;
                ActionLogs.AddActionLog(loginUser, ActionLogType.Insert, ReferenceType.Users, userId, "Logged in (" + browser.Browser + " " + browser.Version + ")");

                ConfirmBaseData(loginUser);

                if (storeInfo)
                {
                    HttpContext.Current.Response.Cookies["rm"]["a"]    = user.Email;
                    HttpContext.Current.Response.Cookies["rm"]["b"]    = user.OrganizationID.ToString();
                    HttpContext.Current.Response.Cookies["rm"].Expires = DateTime.UtcNow.AddDays(7);
                }
                else
                {
                    HttpContext.Current.Response.Cookies["rm"].Value = "";
                }
            }

            if (user.IsPasswordExpired && !isBackDoor)
            {
                result = string.Format("vcr/1/LoginNewPassword.html?UserID={0}&Token={1}", user.UserID, user.CryptedPassword);
            }
            else
            {
                string rawQueryString = null;

                try
                {
                    rawQueryString = HttpContext.Current.Request.UrlReferrer.Query;
                }
                catch (Exception)
                {
                    //vv
                }

                if (!string.IsNullOrEmpty(rawQueryString))
                {
                    string urlRedirect = GetQueryStringValue(rawQueryString, "ReturnUrl");

                    if (!string.IsNullOrEmpty(urlRedirect) && urlRedirect.Trim().Length > 0)
                    {
                        result = urlRedirect;
                    }
                    else
                    {
                        result = ".";
                    }
                }
                else
                {
                    result = ".";
                }
            }

            return(result);
        }