public ActionResult Login(LoginViewModel user, string returnUrl) { ViewResult viewResult = View(user); try { UserAccount userAccount = null; // this action is for handle post (login) if (ModelState.IsValid) // this is check validity { if (user != null) { //validate user userAccount = ModelCollections.userAccounts.Find(x => x.Username == user.Username); // var index = ModelCollections.userAccounts.FindIndex(x => x.Username == user.Username); //here index is ID in userAccount so the line above is not necessary if (userAccount != null) { if (userAccount.Username != null) { if (userAccount.UserPassword != null) { //decrypt found password if necessary and compare it to the one provided in login if (user.Password == userAccount.UserPassword) { Session["UserRole"] = userAccount.Role; Session["Username"] = userAccount.Username; Session["UserID"] = userAccount.ID; Session["FullName"] = userAccount.Name + " " + userAccount.LastName; ActivityString activity = LogActivity.LoginUser(); int.TryParse(Session["UserID"].ToString(), out int id); int recordID = ModelCollections.userActivityLogs.Count + 1; ModelCollections.userActivityLogs.Add(new UserActivityLog() { ID = recordID, UserAccountID = id, Username = Session["Username"].ToString(), Activity = activity.Activity, ActivityDate = DateTime.Now, ActivityDescription = activity.ActivityDescription, Error = "", //if there was an error, you can report it here as well Source = System.Environment.MachineName }); //Add login date to user who logged in ModelCollections.userAccounts[userAccount.ID].LastLoginDate = DateTime.Now; return(RedirectToLocal(returnUrl)); } else { ModelState.AddModelError(String.Empty, "Incorrect password"); } } } else { ModelState.AddModelError(String.Empty, "Username does not exist"); } } else { ModelState.AddModelError(String.Empty, "User account does not exist"); } } } } catch (Exception ex) { ModelState.AddModelError(String.Empty, "Error. Check log for details."); //there should be a log } return(viewResult); }