public ActionResult Login(string returnUrl) {
            var loginAttempt = new LoginViewModel {
                ReturnUrl = returnUrl
            };

            return View(loginAttempt);
        }
        public ActionResult Login(LoginViewModel loginViewModel) {
            var staffMember = _staffMemberRepository.GetAll().SingleOrDefault(sm => 
                sm.EmployeeNumber == loginViewModel.EmployeeNumber && 
                sm.PasswordHash == loginViewModel.GetPasswordHash());

            if (staffMember != null) {
                FormsAuthentication.SetAuthCookie(loginViewModel.EmployeeNumber, false);
                TempData["message"] = "You have successfully logged in.";
                return Redirect(loginViewModel.ReturnUrl);
            }

            ViewData["message"] = "The login credentials provided were invalid.";
            return View(loginViewModel);
        }