protected ActionResult OnAuthenticated(LoginResult result)
        {
            if (!result.Status) return Json(result);
            var globalLoginId = AppUsers.GetMetaLoginId(AppUsers.GetCatalog(), result.LoginId);
            HttpCookie cookie = AuthenticationManager.GetCookie(globalLoginId.ToString(CultureInfo.InvariantCulture));
            Response.Cookies.Add(cookie);

            return Json(result);
        }
        protected async Task<ActionResult> OnAuthenticatedAsync(LoginResult result, SignInInfo model = null)
        {
            if (!result.Status)
            {
                await Task.Delay(new Random().Next(1, 5)*1000).ConfigureAwait(false);
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, JsonConvert.SerializeObject(result));
            }

            Guid? applicationId = null;

            if (model != null)
            {
                applicationId = model.ApplicationId;
            }

            var loginView = await AppUsers.GetCurrentAsync(this.Tenant, result.LoginId).ConfigureAwait(false);

            var manager = new Provider(this.Tenant, applicationId, result.LoginId, loginView.UserId, loginView.OfficeId);
            var token = manager.GetToken();
            string domain = TenantConvention.GetDomain();

            await
                AccessTokens.SaveAsync(this.Tenant, token, this.RemoteUser.IpAddress, this.RemoteUser.UserAgent)
                    .ConfigureAwait(true);

            var cookie = new HttpCookie("access_token")
            {
                Value = token.ClientToken,
                HttpOnly = true,
                Expires = token.ExpiresOn.DateTime
            };

            //localhost cookie is not supported by most browsers.
            if (domain.ToLower() != "localhost")
            {
                cookie.Domain = domain;
            }

            this.Response.Cookies.Add(cookie);
            return this.Ok(token.ClientToken);
        }
        protected ActionResult OnAuthenticated(LoginResult result, SignInInfo model = null)
        {
            if (!result.Status)
            {
                Thread.Sleep(new Random().Next(1, 5)*1000);
                return new HttpStatusCodeResult(HttpStatusCode.Forbidden, JsonConvert.SerializeObject(result));
            }

            Guid? applicationId = null;

            if (model != null)
            {
                applicationId = model.ApplicationId;
            }

            var manager = new Provider(AppUsers.GetCatalog(), applicationId, result.LoginId);
            var token = manager.GetToken();
            string domain = DbConvention.GetDomain();

            AccessTokens.Save(token, this.RemoteUser.IpAddress, this.RemoteUser.UserAgent);

            var cookie = new HttpCookie("access_token")
            {
                Value = token.ClientToken,
                HttpOnly = true,
                Secure = true,
                Expires = token.ExpiresOn
            };

            //localhost cookie is not supported by most browsers.
            if (domain.ToLower() != "localhost")
            {
                cookie.Domain = domain;
            }

            this.Response.Cookies.Add(cookie);
            return Json(token.ClientToken);
        }