protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            User user = HttpContext.Current.Session[SessionVars.User] as User;
            HttpCookie c = httpContext.Request.Cookies.Get(FormsAuthentication.FormsCookieName);

            #region Persistent Login

            if (user == null && c != null && !string.IsNullOrEmpty(c.Value))
            {
                FormsAuthenticationTicket t = FormsAuthentication.Decrypt(c.Value);

                string email = t.UserData.Split(' ')[0];
                string password = t.UserData.Split(' ')[1];

                Credentials credentials = new Credentials() { Email = email, Password = password };

                if (this.LoginUser(credentials))
                {
                    user = new User() { Email = credentials.Email, Password = credentials.Password };

                    httpContext.Session["user"] = user;
                }

            }
            #endregion

            if (user != null)
                return true;

            return false;
        }
        private void CreateAuthenticationTicket( User user )
        {
            Session[SessionVars.User] = user;

            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
                user.Email,
                DateTime.Now,
                DateTime.Now.AddYears(1),
                true,
                user.Email + " " + user.Password,
                FormsAuthentication.FormsCookiePath);

            // Encrypt the ticket.
            string encTicket = FormsAuthentication.Encrypt(ticket);

            // Create the cookie.
            HttpCookie cookie = new HttpCookie("AuthCookie");
            cookie.Value = encTicket.ToString();
            cookie.Expires = DateTime.Now.AddYears(1);

            Response.Cookies.Add(cookie);
        }